Small Wars Journal

Intelligence Information Sharing – Revolution 2.0 Needed

Intelligence Information Sharing – Revolution 2.0 Needed

Robert Sharp and Fahad Malaikah

The tragic events of 9/11 drove a revolution in the intelligence information sharing environment from a “need to know” basis to a new “need to share” approach across the global intelligence community.  This new approach ultimately led to the creation of the Office of the Director of National Intelligence (ODNI).  After 9/11, it was painfully obvious to most that we had to share intelligence better and more widely to counter terrorism.  Perhaps less obvious, it was assumed that technology could protect our information more effectively, in that sharing intelligence locally and internationally presented less risk through utilizing modern technological architectures for our secure networked systems.  Activities that were previously conducted behind green baize doors – often on paper, sometimes in person – subsequently migrated to collaboration across open protected systems with robust electronic assurance and auditing.  

That was, of course, until Bradley Manning, Julian Assange and Edward Snowden prompted a counter to the post-9/11 revolution in intelligence information sharing, which we fear is occurring now.  Their desire to leak to advocate their view of rights and transparency has done untold global damage and might take us back to the dark ages of intelligence unless checked. 

What these individuals fail to understand – or maybe it was their design – is that access to vital intelligence information created through a “need to share” approach may now be restricted for many, possibly even cut off.  We worry that world intelligence communities will not just lick their wounds, but return to the “need to know” approaches, thus stemming the flow of information as the intelligence communities return to old ways.  We already have proof of this in the form the deteriorating relationships of the U.S. with our German and French partners, and with some Latin American and Middle Eastern countries.  Some foreign partners appear to be distancing themselves from the U.S. as the leaks continue. We suspect some fragmentation in trust is occurring locally, too, across the U.S. agencies.  

The activities and outputs of these arguably misguided few have affected the many.  If we react by closing down our robust flow of intelligence information locally and internationally, we are arguably inviting the conditions of failing to share that contributed to 9/11 as much as the failure of imagination, as articulated by the 9/11 Commission Report.  Of course our enemy is not as constrained as us, as suggested by a phrase attributed to a previous leader of the Irish Republican Army: ‘we have to be lucky only once, whereas the security forces have to be lucky all of the time!’

Finding the needle in the haystack is distinctly harder if the leaks force us to fight alone and with one hand tied behind our back.  Added to that is our unnerving tendency to share with the world our successes through vivid accounts in the media where we have publicized what we intercepted and how we got it, thus arguably exposing critical intelligence capabilities.  With the suspected increase in capabilities of networked terrorist organizations, we could quickly find ourselves on the back foot resulting in further catastrophic attacks that the protagonists of share-rights would take no responsibility for. 

Information as a domain is still undefined both academically and legally.  We wrestle with conceptualizing it – whether linked to cyberspace or social media – as an element of national power.  Meanwhile, our enemies are advancing.  We are in the firing line and the perpetrators of leaks reside on neutral ground with sanctuary provided by an oft-times misguided international law system and some countries that are happy to abuse us by their provision of protection irrespective of the impact to global security.

A colleague who flew fast jets in close formation in the post-World War II era once told a story about an increase in accidents derived from close-formation flying as pilots became less combat savvy.  All pilots expected orders to increase the distances between aircraft allowable for flying and to have flying hours reduced.  The outcome – though counterintuitive to some – was an order to fly more, not less, in order to perfect their craft.  Analogously, we must hang tough and focus not on reducing flow and information-sharing, but increasing both.  Though our solution may seem equally counterintuitive, managed risk is the watchword and we suggest the urgent need for a comprehensive report to derive a new system of recruiting, vetting, mentoring and monitoring intelligence professionals and contractors to cater for the few who ideologically drift and threaten the many.  This seems the only logical way to stem the current trend of leakers and at the same time not retract and close down the necessity to share to keep us in the fight against enemies that are watching our every move and learning from them.  After all, as noted by intelligence specialist Richard A. Best Jr., national security ultimately “depends on those who willingly uphold the oaths that they have taken.”


Outlaw 09

Tue, 11/19/2013 - 11:31am

This is another problem I have with this article---while blaming someone else---the NSA itself seems not to be aware of and or ignores the reality.

If they cannot police themselves to correctly follow the various federal laws then who can be trusted?

After Watergate we in the intel world lived with the "bible"---what we could and could not do and it worked well for years.

In Iraq we picked up a US citizen by chance---he thought it would be great to open a business in Iraq and just wandered into one of our checkpoints driving a NJ plated F150---does anyone realize when one fills out an IR---where it states US Yes or No---WHAT really happens if the Yes is checked based on the "bible"---one really thinks twice about stating Yes.

Maybe this is what Snowden was aiming at ---the surveillance program against Americans either in the States and or outside of the States---based on the released article below from today he might be in fact right that the NSA was collecting "in bad faith".

WASHINGTON (AP) -- The National Security Agency reported its own violations of surveillance rules to a U.S. intelligence court and promised additional safety measures to prevent similar missteps over and over again, according to more than 1,000 pages of newly declassified files about the federal government's controversial program of collecting every American's phone records during the past seven years.

According to court records from 2009, after repeated assurances the NSA would obey the court's rules, it acknowledged that it had collected material improperly. In one instance, the government said its violations were caused by "poor management, lack of involvement by compliance officials and lack of internal verification procedures, not by bad faith." In another case, the NSA said it improperly collected information due to a typographical error.

The intelligence court judge, U.S. District Judge John D. Bates, said in the 2009 case that since the government had repeatedly offered so many assurances despite the problems continuing, "those responsible for conducting oversight at the NSA had failed to do so effectively." Bates called his conclusion "the most charitable interpretation possible."

Outlaw 09

Tue, 11/19/2013 - 7:59am

There is a really simple question to ask about the sheer millions spent on setting up the NSA's surveillance program---what did it really get us in the end?

It had little to no impact on the outcomes in Iraq and or AFG---it may had made the life of AQ leaders worldwide a bit hectic dodging drone attacks potentially triggered via sigint ---but overall just what did it gain us as those killed AQ leaders via drone directed sigint attacks are/were easily replaced and AQ is just as functional as it was before the attacks?

Many of the jihadi web sites and especially the chat rooms would publicly announce they knew they were being monitored---and yes we have caught some via the chats but again really what has the impact of the millions spent been on the global jihadi networks?

Many sites especially in the 2007/2008 phase posted a number of suggestions for encryption and how to protect ones chats/emails. So for the global jihadi what the NSA was up to was no big surprise. Sometimes I had the feeling that the jihadis simply did not care who was listening/monitoring them as they were in own world in their conversations.

Sometimes programs have a dynamic of their own and just get bigger and bigger and the value drops proportionality but the program drags on just getting bigger---this is in fact what has happened.

I remember in the late 1990s early 2000 timeframe of a similar FBI internet intercept program that got raked over the coals for violating US privacy laws and was stopped.

Again I say the true intelligence damage created by the spying of James Hall while he was working at the NSAs Berlin Teufelberg site was far greater than anything released currently by Snowdown which even the jihadis assumed was occurring.

Many in the intel community felt the damage was far greater than that of Walker in his 17 years of providing sigint intel to the Russians. Ames damaged the CIA via denting their HUMINT networks---Hall damaged our sigint abilities at the height of the cold war

Bill M.

Tue, 11/19/2013 - 4:23am

In reply to by davidbfpo

I'm sympathetic with the authors, the lessons from 9/11 largely centered on our inability or unwillingness to share intelligence between our own agencies and connect the dots that may have prevented the 9/11 attacks. Since then our intelligence sharing has improved and a number of terrorist attacks were prevented. The improved sharing extended beyond our agencies to include increased sharing with our allies and partners when it comes to terrorist related intelligence.

This is why I think when the damage assessment is complete we'll determine that Snowden's leaks are, perhaps by far, the most damaging to our national security (and larger collective security interests of our partners), since Aldrich Ames. His actions, combined with recent leaks from the White House on who provided intelligence for various CT targeting efforts will further undermine the faith of our partners in us. They take their intelligence assets seriously and don't understand our tendency to burn assets for a short term political gain (or personal gain as in Snowden's case), which makes it less likely they'll share intelligence with us that could prevent future attacks.

He put a lot of our friends in a bad position with their allies and friends by exposing their spying efforts (despite the fact that everyone knows we all spy on each other). Sadly this isn't new in our history, in the book, "Fourth World War" written by the head of French Intelligence (Count de Marenches) in 1992 he discusses this issue at length. He said it was well known among friendly foreign intelligence services that the U.S. couldn't keep secrets. During one discussion with CIA Director Casey France wanted to share some intelligence with him, but they needed his promise the intelligence wouldn't be leaked. Casey was honest, he said he couldn't promise that, so the French didn't share the intelligence.

I don't know what the solution is, but despite the risks we need to keep sharing, because the risk of not doing so is greater when we're focused on common threats such as terrorism, transnational crime, etc.

Outlaw 09

Mon, 11/18/2013 - 4:09pm

In reply to by davidbfpo

Part of the problem also lies in the loosening of the way US classified documents were classified say in the cold war days where with TS/S and yes even Confidential documents being numbered and controlled ---this done as a way to identify when documents were passed to foreign agents meaning we could then track where a particular document came from and who handled it.

Then in the 90s it was loosened then only TS documents were physically controlled---arguments were that with the increasing sheer numbers of documents it was impossible to control all of the three levels ---was easier just to handle TS.

Then went it fully electronic things got even looser and when there are literally multiple databases that one can search from your desk Pandora's box was opened and we are now seeing the impact of the digital world even in the intelligence fields---there use to be a joke in the late 90s when large standalone numbers of computers were networked--- the only why to protect the data was to disconnect them from the network---practicing "safe sex".


Mon, 11/18/2013 - 3:47pm

As an outsider to this issue may I add a couple of comments.

The latest revelations, if not scandal, rely on the illegal possession of an untold amount of documents; of which a good number are not the property of the USG, e.g. GCHQ. Why are non-USG documents, complete with logo etc stored on the NSA system? Yes "economy of effort" and now we can see some of the price being paid.

I was taught to guard the actual origin of intelligence, even assigning a 5x5x5 grading that was not on the original source document. A secure index was kept, with very limited access.

It appears (my emphasis APPEARS) that even basic security was discarded with the 'need to share'.

Outlaw 09

Mon, 11/18/2013 - 2:10pm

Would argue the following;

1. Chief Warrant Officer James Hall damaged the NSA far greater that Snowden will ever and his leaks led to the killing of a US Army MAJ in 1985.
"An Army intelligence specialist and a Turkish-born civilian living in Florida were arrested today, breaking what American officials said was a major espionage operation that funneled information about the West's eavesdropping capacity to the Soviet Union and East Germany for six years.
American officials said the operation appeared to have inflicted serious damage on the United States' electronic spying efforts in Europe but added that the extent of the damage was still being assessed."

2. AQ and related groups to include most of the Sunni groups in Iraq had made numerous comments during their interrogations that they "knew" they were being monitored---in 2007 AQI even released a in clear text English document with Arabic subtitles on how to use a particular US software product that one could purchase over the counter in order to send encrypted emails. A number of intel agencies did not even know the document was flowing through the various jihadi web sites.

3. NSA activities especially in Germany have led to the latest polling showing that German trust in the US has sunk to the 35% level even lower than after our entering Iraq---the second most distrusted country next to the US is Russia.

4. Even though there are claims of X number of terror attacks being prevented---the NSA has never been able to show a single clear relationship between data collected and preventation---that is known among Europeans.

The core problem is the expansion of the contractor base and the literally thousands of TS/SCI clearances which used contractors based on a quota system to conduct background checks---the old days of need to know did not restrict the sharing of information between French and Germans as it flowed through a number of direct contacts.

A SECOND issue is the belief still shared today in Europe that the US intelligence agencies take all and never share and that is reflected in new reporting today that all questions submitted by the German government requiring answers from the US STILL have not be answered further leading to the belief that the US is still in the TAKING mode.

Information flows must be based on trust not on the need to know-if trust is there information will flow-right now the actions of Snowden tend to
seem to Europeans to be trusted more than what they are getting out of the US-meaning no answers to their questions.