tv Politics and Public Policy Today CSPAN April 26, 2016 12:30pm-2:31pm EDT
these are hard questions but they aren't new. free peoples always try to balance security with privacy, safety with liberty. and the point i try to make to audiences is those are all virtues. we want them all. this is not the forces of light and the forces of darkness of the security guys dressed in black and the liberty guys get to be dressed in white. no. these are all the reasons we organize governments among men. and so we have a history of trying to balance what are actually desirable virtues. how do you do that? how do you make the balancing? i see judge mccasey over here. he and i have talked about this from time to time. it is based on the totality of circumstances in which you find yourself. that fulcrum moves based upon the broader external environment and appreciation of which is created by good intelligence.
and you have this history. what constitutes reasonable expectations of privacy, which is what we're guaranteed? it depends upon the totality of circumstances in which you find yourself. i made a tactical decision on the afternoon of 9/11 with regard to u.s. person minimization at nsa. i mean, a little tweaking of the dial, but fully within my authorities. again, based upon that we were in a different circumstance, we were aware we were in a different circumstance, the afternoon of 9/11 than we thought we were in the morning of 9/11. so we make these choices all the time. and so as you make that decision whether you're going to have to tack left and tack right in balancing these virtuous ends, necessity seems to be pretty good element to hold up to the light. the proportionality, how much good do i get for the necessary harm i might create?
and distinction. how much of this can i focus on those that truly deserve daush that are legitimate targets as opposed to those who might be what we call incidental or inadvertent collection. we do that all the time. so i think that augustin's on to espionage as well as war. this is a good way for us to calibrate bp i will admit a problem. and it's more a political than it is the ethical problem that you laid out, david. in the political process, when we have arrived at the totality of circumstances, demands, we move the fulcrum. that we actually begin to squeeze privacy a little bit -- by the way, don't take this to be all that threatening. how much of you would have accepted what happens at dulles trying to get on an airplane? how many of you would have accepted that in july of 2001? the answer is none of us would. but because the appreciation of the threat, distinction proportionality and necessity, we undergo some squeezing of our
privacy. anyway, the broader poupt i'm trying to make is when you've made that decision based upon the totality of circumstances, and frankly i think adults make it and we try to make it wisely, i'm not worried about that. i think we actually can do that well. even as an intelligence professional, i am worried about going the other way. i am worried about what is the political process by which you then, because of the totality of circumstances in which you now find yourself, you can ease up on some of the things that you believe to have been necessary in the previous state of affairs. you know, there's a danger that this thing works like a ratchet wrench. and it easily goes only one way. i actually addressed this several years ago out of a talk at the university of michigan. and i said, it's hard for me to imagine the degree of political courage required for an administration to say, we've done that long enough. we don't need to do that
anymore. and to pull it back. but frankly, i fully embrace the responsibility if people like me argue for doing this, people like me need to be prepared to explain to policymakers how it is he gets to do that. and when. and that's also another responsibility we have to embrace. >> i see some folks in the audience i distinctly remember having the conversation with. that if we were successful in preventing another 9/11, that decades later we would have lots of conversations about, well, you didn't need to do that. why did you do that, that the attack would be -- you really didn't need to do those things. the threat was not that big. nothing really happened here. there weren't the mall bombings that were talked about after 9/11. there was not the shutdown of our transportation network. that clearly al qaeda wanted to do. there wasn't the great damage to our economy.
there wasn't the additional attacks that people talked about. so intelligence suffers. >> through its success. >> through its success, you are going to be continually questioned, and we recognized that at the time, and i distinctly remember having those conversations that the more successful we were, the more questioning we would get. but i do worry about what general hayden described in terms of the calibration and where that goes. if we were to lose an american city, what that would really do to our privacy, our civil liberties and what the reaction would be. the world, i don't think anyone is going to argue, is getting particularly safer these days or with the technology that is out there and becoming more and more widely available. we can talk about bio. we can talk about chem, cyber. pick your topic. it's not exactly making one feel
more comfortable about how widely it's available and the kind of tools that were only available at great expense to militants, to conventional large-scale militaries who were deterrab deterrable. we're in a very different world now in terms of the availability of talk about clean technology, splicing, to cyber to chemical. all of that knowledge in technology is available, and there's a down side to that. and so when we think about it in terms of what we had with conventional militaries, when we think about everything from communications to higher-end technology, that's so much more widely available now. and if that were to be used against americans, certainly we're going to be having a very different debate about intelligence and the authorities that are being used against americans. >> in fact, if we do our job well, it's just not american
safety we protect. it's real bullwork against threats to american liberty because of what we will do after a catastrophic failure. >> and we've seen -- we've had some very fortunate things. if the plane had gone down in 2009 around christmas which as every knows, that was very close. a fire on a plane is a very bad thing. we're talking about the person trying to set off an explosive on landing, final approach in detroit. and if you had 300 empty chairs at the dinner table that christmas, i think that would have changed america. that certainly got the administration's attention. and i think brought home something to that. unfortunately t and fortunately the passengers acted quickly to do that. someone tried to set off a full explosive in times square. if that had been successful,
again. another near-miss that i think would have certainly changed the debate that we've had. >> exactly. well, let's transition on the why is intelligence needed to -- what impact does it have. and i guess what i would ask mike to start with on this question of what is it that's produced by the intelligence community? let's get into the question of is it right size? do they play better together? there's 17 elements in the intelligence community now including the office of the director of national intelligence. and the question is, how well are they playing together in helping that decision-maker make good and sound decisions ten years, 12 years after irtpa and certainly since 9/11 where all these efforts to transform the intelligence community have taken place? >> sure.
so i'm remembering our early days in the office of director of national intelligence where we had john negroponte who was a wonderful choice and actually the perfect choice. my criteria was when the president went out to introduce the new dni, most of america could not be saying who's that guy with george bush? you wanted somebody who brought real gravitas to the job, and the second did, so he was a great choice. that said, didn't know a whole lot about the community. one of the first briefings we had was butcher paper, at that time you got your 16 boxes here, boss. we were drawing the boxes, and he's going why 16? that seems like a lot of people. and so david and ben and i walked him through the organization of the community. it's actually a rational division of labor. now, we were able to do this. we are able to specialize in the way we are because of who we are. we throw $50 billion a year at this enterprise. we've got about 105,000 people fully employed. david ignatius had a wonderful
line after brussels. he said that the europeans now are lining up at the american intelligence leviathan in order -- actually, i'll finish the thought david had. in order to get an american intelligence product while continuing to wring their hands about american intelligence collection, all right? so it is a reasonably well-organized community. a couple of highlights. state inr. i mean, by history, by character, by size, by focus, they do something that even that large stable of analysts out at cia can't do. i mean, it just brings -- it just brings a different aspect to analytical questions. david was at dia. he probably won't appreciate the description, but those guys are kind of the blue-collar workers of the american intelligence community. they created databases -- they compute the advance of a
motorized rifle regimen over frozen terrain. >> it's exciting stuff if you're into it. >> and somebody's got to do that. so it's okay. i don't mind the number 17. we're better at synchronizing the 17. i think all three of us have issued with how much power is opposed to responsibility the dni had been given all right. i think we're all broadly in agreement, we can make this work if we have the right people on the job. if you've got the right validation and sanction from the president. i think none of us are suggesting blowing it up again or perhaps inviting congress to do it one more time. that can work as well. even in the bad old days, i was fond of saying let me tell you a sentence i never heard. you guys are all screwed up. okay, you've got that sentence. you need to be more like the -- and i never got that one. i mean, before you run and say the israelis and so on when it comes to intraasia coordinating,
give me a break. we actually pre-9/11 were actually better at this than anyone else in the world in terms of going left and right across the three-letter agencies. now, neither god nor you, mark, on a curve and so the fact that we're better than everyone else should not be satisfying, but we were. and we had to get better, and we've gotten even better. i tell the story now with the current crisis in brussels. you know how europeans get information around europe right? tell the americans. they don't do it this way. they go to the hub. and we push the information out through the spokes. it's a big cartoonish, but it's not untrue. and so i think we've made good progress. it's big. it is a little bureaucratic. yeah, it could use some belt tightening. but fundamentally, it's all right. i do have one issue with it, though. and i would invite my partners here to see if they share this view. it's not something that we coordinated. from the outside looking in now
after seven years, it is, i think, a fairly slow-moving body. we talk about the ic in its totality. it appears to be overly cautious. it appears to be at least bureaucratically and in an acquisition sense risk averse. and dare i say, with a good lawyer to my left, badly overlawyered from time to time. and so if you're asking me to say anything about the community, it's take a look at yourself. from the outside looking in, i'm going to stop talking about procurement contracts. i'm just talking about a caution, a conservatism, a risk aversion, a slow pace about things. and again, if jim clapper were here, he'd be pushing back on every one of those descriptions, i know. but you asked. that's my observation. >> and i would add that it's been slow to embrace innovation
which has transitioned from the government sector in major programs to the private sector. and so that embracing of commercially available off-the-shelf capabilities may be modified by two or three degrees from what is bought off the shelf is one of those areas where i think it's been slow to embrace that. ben, any thoughts that you have in terms of how the community is functioning today? >> i don't think when we look at the elements of the intelligence community, as general hayden said, that you think of the number 17. you say gosh, that seems like a lot. there must be too many. there must be room to streamline. but then when you start to dig deeper and look at the missions of each one of those, it suddenly becomes very hard. as you know when we tried in the dni's office even with not to combine elements of the ic but to frankly give submissions that were given to the dni back to individual agencies, in some
cases the complaints went all the way to the president that said yes, we understand publicly that it's being attacked as too big a bureaucracy, but mr. president, the dni cannot give that back to one of the intelligence. and please order negroponte or mcconnell to not do that. so the dni kind of had this honest broker role behind the scenes. and when you look at some fundamental things that we have really prevents us from combining elements of the intelligence community. and i don't suggest that those are bad things. but as much as we've tried to erase a foreign domestic divide in intelligence or the idea of the wall and how much the wall between foreign and domestic intelligence and information sharing has been taken down, we've not changed our constitution nor should we change our constitution. so you're still going to fundamentally have an fbi with domestic authorities that you would not want the nsa to have.
you're never going to combine those. you're going to have a military intelligence apparatus that's needed for that tactical intelligence to understand the range of missiles, to understand the capability of a recoilless rifle. that's very different than a cia providing nonmilitary intelligence, strategic intelligence about the intentions of leadership gathering that human intelligence. so when you look at the missions of these individual agencies, certainly when we were thinking about intelligence reform in statutes, it never really came to the point where you'd say let's reduce these and combine these. that somehow we'd get a greater uplift from that. what is a challenge and that we, i think, made some progress on, and there's much more progress to be made is how the community can act in a more coordinated and also use the technology in other ways to share across the capabilities across the community. does everyone need to duplicate
the same capabilities, the same software, to have their own programs? do we need 17 or 16 programs across the community developing different systems, different software, different programs? and each one of those elements will say, well, wait a second. you need to understand we have our specific mission. we can't use what dia is developing. we can't use what cia is developing. so you always have those arguments. and that's something where i think the dia's office needs to show leader smp in why it was stood up it's hard to get behind do those arguments really have merit or is this someone wanting their own flavor of ice cream that's not core to the mission and we can get uplift from taxpayer money that we spend, which is a large amount of money, from looking to see what kind of commonality we can have across the community. >> i would just interject here. i think there's tremendous value in the millennials and those who have come on the scene in the last 10 or 15 years, who think
collaborati collaboration in what the agency calls tipping cueing. that is a tipoff from one agency in their collection to another one that allows for imagery to cover something that the national security agency has collected or human sources on the ground have collected in that there is a view that collaboration, particularly in -- and they would be younger to anyone sitting up here -- think about in their outside world think that that's a good thing inside. and i think among these 17, that certainly has improved from my perspective over the last decade. so let me still in this what difference does intelligence make to the policymaker if, for example, you were advising a presidential candidate? what two or three improvements in capabilities for the intelligence community would you recommend?
that we currently don't have? >> okay. we talked over breakfast here a bit about apple and encryption and all that. i think the broad sweep of technology is going to make the content of communications more and more difficult to read. and frankly, it's indifferent to what it is we decide on this particular case. i mean, we may accelerate it or slow it, but frankly, the arc is clear. content is going to get harder and harder to retrieve. so if you think of, david, everything we collect as this big pyramid, i've always -- it's this cartoonish sort of way, all right? but i've always said it's kind of your bodily signs. every morning you can tell how the organisms doing based upon it. it is comprehensive enough that you get that. and in the top 20 is unit. this is kind of industrial.
this is boutique. this is general. this is specific. this is essential olympic. this is elegant. and then in between you've got the other disciplines, imagery and measurement and we have lived through golden age of electronic surveillance. in the last 15 years, when all of us mistakenly and clumsly decided to put things we used to keep in a safe and decide to put them in our phone. again, i'm being cartoonish, but globally, that's what happened. we have been able to harvest volumes of valuable intelligence through electronic surveillance. all right? that golden age isn't going to end. but it is beginning to contract. if you are asking me to advise a president. how do you compensate for what was such a rich vein of useful intelligence? i think you begin to shift your emphasis to the other parts of the pyramid that are going to
have to take up the slack that's necessarily going to be created. by the way, it's not me giving up. content will be harder to come by. anyway, how do you shift your weight to to what i think you can predict is an inevitable evolution of what information is going to be available. >> you're not suggesting that's easy further up the pyramid. >> no, no. >> to complement. >> for god's sake, it was great doing it here. it's no longer available. now we have to spend -- it's going to be harder and different in how we gain it. that would be my macro view as to the broad arc that the community has to follow. >> ben, let me put a spin on this and go to executive order 12333 as amended in april. july of 2008. does that framework which obviously is nested below the intelligence reform and
terrorism prevention act give us what it takes to go into this future world of capabilities of the kind that might just describe or do we actually need to update eo-12333, executive order 12333? >> this executive order entitled united states intelligence activities is the charter of the intelligence community in that order lays out many of the functions, duties and responsibilities of the intelligence community. who is charged with performing the functions of the various intelligence disciplines. general hayden mentioned human intelligence, largely with cia in the lead. military and capabilities. the defense intelligence agency. so you find those in 12333. it also has the civil liberties protections that you hear so much about. in terms of bans on assassination, bans on
electronic surveillance done domestically. that is not pursuant to statute. we can go on and on through that order. a very fundamental order. updated in 2008. there were many, many attempts. we trace it back to 1981. to amend it. very hard to do back in 2008. really ultimately a number of decisions going to the president. this is a bit of an absecure order, but it lays out the plumbing and foundation of the community. i think we can continue with 12333 the way it is now. i think the community can make that work with the way it stands right now, with a few exceptions. but they are important exceptions. in 2008, we talked about cyber security and whether we were going to address responsibility for cyber security in 12333.
that was going to go in the too hard to do jar. even with the agreement in a rare time. of leaders, it was really a golden time in terms of having secretary gates and his background at the department of defense and understanding these issue issues of intelligence. general hayden at cia, mike mcconnell at the dni, judge mccasey and his demotivotion to this. ball muller at the fbi. and even in those cases, cyber is so fundamental to what so many agencies do that we had to put it in the too hard category. this administration made progress in terms of trying to divide divide the responsibilities in terms of dhs, nsa, fbi, cia and others. but it's still a question in my mind whether we have that right and whether we are getting the uplift across the community that we can in cyber. that brings me back to if we
were advising somebody in terms of the next president what improvements would we have or what questions should that person ask? one of the questions i would ask the president or i would have the president ask his leaders and say do we have the authority we need right now mr. or mrs. dni, mr. or mrs. secretary of defense to defend the nation's critical infrastructure. in the case of a cyber attack. there's been endless warning and testimony that this is one of the top threats facing the country. every time you turn on a congressional hearing. but the president needs to ask that question. do we have the proper authorities and organization. i do not want to hear in 2020 from a commission to review the attack on the nation's critical infrastructure that these agencies didn't have the right authority, they didn't have the
right people. >> no one said anything. >> they didn't have the right organization. if i'm that president, whoever that is, that's a fundamental question. there is no political constituency out there, i don't know it's going to get you electoral college votes in terms of asking that question. it's those types of things as president where you need to hold people accountable to say i don't want to hear from a commission two years from now that there are all these problems down in the community that we didn't have the authority and that no one brought those to the attention. i was elected by the people to protect them. if there are hard decisions and we need to go to congress and address the issues, i'm willing to take it on. i'm telling you i don't want to hear about a cyber attack on our critical infrastructure and the problems in your agencies and authorities you needed that were not brought to my attention because of political concerns or other concerns. as president, let me take that on. that's my job.
let's not go through this whole commission issue again where all of a sudden we're reading about things were overlawyered or there were myths about laws or fisa needed to be amended because it was out of date. okay. we have done that once. we were told by the staff not to bring it to your attention. it will second improvement i -- the second improvement that i would talk about is the need to support the intelligence community. that doesn't mean blind support. when they're wrong, they're wrong. when something goes wrong, there needs to be accountability. we can't have a feeding frenzy that goes unanswered that somehow is incorrect about lawlessness of the community. it's rare i have seen a community that has more attention in terms of compliance and other issues and frankly in some cases, overreaction. when you read about 9/11 and the myths and barnacles that grew up
around very cautious activities, so i think the president needs to understand the fragility of the work force and our intelligence sources and methods. and when there are issues, it needs to be defended if it's appropriate. it's not just a one-time defense. not just a one-time speech in our culture. it's something that needs to happen over and over again. and explain it to the american people. because it's if it's all just one-sided, if it's all portrayed in the darkest corners of the room, that does have an effect. it has an effect on political support and the ability to get the authorities from congress that you need to defend the country when we talked about the fisa amendments act and the issues that were with fisa and how outdated it was, that was a three-year process. that was endless hearings, endless amounts of testimony. endless amounts of briefings.
every single day it was really three yards in a cloud of dust. as it is portrayed as you showed up. you explained why it was out dated and we got a statute. having lived through that 24 hours a day for three years, this is something that's need to be done over and over again. so the community needs the support of the political leadership to get the authority. >> that's a great point to double down on what ben said. the role of the president in number one, slething the right leadership of the community. remember, i said this structer will work, but it depends on the character of the dni, the relationship of the dni to the president and to the cia. that has to be the product of careful personal choices. one would hope with the personal involvement of the president elect. and has ben says, when it hits the fan, he needs to jump out
there. i wrielt in the book, what happened after the "new york times" wrote about what we call the stutter wind program. when things like that happen we have what we call the long pause. all right. it's the guy who told us to go do this going to go out and self-identify that he told us to do it, and is he going to identify? is he going to defend us? in this instance the story came out thursday on the website. friday probably the way you would imagine that friday to be in the white house. midday friday, the president told his staff to throw away the saturday morning radio broadcast. that he had already produced. he went on live saturday morning and did what we all would have hoped he did. he visited fort meade visibly. that's what you need from the commander in chief. >> i would interject the team
that's selected, i would add one additional one because of a dominant role that the defense department plays. that's the secretary of defense. in the relationship of dni, director of cia and secretary of defense, largely delegated or exclusively currently delegated to the undersecretary for intelligence. that personnel selection team when it comes to the dod piece. and so that is an added dimension. >> to double down on ben trying to do this 12333, hayden, gates, mcconnell, and clapper. life long personal friend. it was still almost in the too hard to do box. >> in 18 months or there about. >> i recall certain conversations. i won't name out people like secretary gates, but, where i recall some conversations where it was said, well, when you were director of cia, you certainly supported this amendment, and
thought, we looked at the memos and they were strident about the need to reform this, and conversations like, well, you know, where you sit makes a difference these days. so even with these incredible personalities and experience, it was a hard slog. >> moving to the third section of the questions, why is intelligence needed, what difference does it make in terms of impact? and i want to start with you, ben, on the whole question of how well does oversight work. you have touched on it. one of the criticisms levelled against the intelligence community is that there is an essence and i use liberty. there is never enough oversight. enough oversight will bring it to a complete standstill. what's your view in terms of the level of oversight that we currently have against these challenges that we have, whether they're the crises we face around the world and the challenges of collection or the intelligence community
personnel, understanding what those rules are? >> well, first, unlike authorities that may expand or contract depending on the political winds, depending on the threats to the country and other things, oversight as best i can tell historically truly is the one case that is a one-way ratchet. we always add oversight. few examples we never take it away. second, you asked the question about, you know, is the intelligence community too big. is 17 elements the right size? no one asks. do we have the right size empirically of oversight? we don't do that. we have a problem, we add another commission, another office, another senate-confirmed official. add more people to it. there is never a question about oversight because more is always better, right? third, it is a serious question
in terms of affecting the mission, how cumbersome it can become but also the importance of oversight done well can improve the mission. constructive oversight can do it. but let's lay out the terrain briefly about what we're talking about when we talk about oversight. of course, you have congress with the senate intelligence community, house intelligence community committee. but it doesn't stop there. you've got judiciary committees. you have appropriations committees. you have the armed services committee. you have leadership offices. and i can spend the rest of the panel going down the rest of the congressional oversight mechanisms in terms of homeland security, government operations and others. we have recently added more oversight in terms of congressional bodies with the general government accountability office now given an unprecedented role in the intelligence community by statute, something the administration and the intelligence community have long
talked about with the congress. that statute is now passed. you have gio added to this several liberties board. you have an assistant secretary of defense for oversight. senate-confirmed inspector generals. general counsels. have i worn you out yet or should i continue? believe me, i could continue with another number of bodies. we need to ask the question and look. they should be subjected to the same questions we ask about others in the community. is this oversight contributing to the commission? is this gotcha oversight. tha that's something that concerned me. when we think about what happened with national security letters and the fbi in the report that identified deficiencies in the fbi's use and handling of the national
security letter authorities, it would have been far better to have a compliance organization in terms of oversight reviewing it in real time and identifying those issues than a report that per the u.s. d.c. way of operating comes out four years later and identified these problems. so i'm somebody who has always argued for real time oversight as opposed to what i call gotcha oversight, which i find is far less constructive. >> i have doubled down on everything ben said. good oversight, though, credentialed oversight, may help to solve that problem i suggested earlier with regard to the broad legitimacy of the enterprise in the eyes of thuamerican people. if it's seen to be invasive and objective and approving, however we define that, that may go a long way of moving the ball down the field in terms of getting the legitimacy we need without revealing everything we shouldn't have to reveal.
i would suggest pivoting off of what ben said, narrow and intense is far better than broad. i'm happy with the oversight committees getting deeper into the business. more immediacy. more at the operational tempo of the enterprise rather than looking in the rear-view mirror rather than adding bodies to the left and the right, to the right and left, it just creates this kind of bureaucracy that the operational community then has to feed in order to get on to do what it is they have to do. one brief example in response to mr. snowden and a special commission created to look at nsa collection. the president issued pdd 28. it has to do with extending what we used to think of as u.s. person protections in the collection of electronic surveillance. extending those protections to non-u.s. persons.
i'm not going to argue the merits of that. that's a separate discussion. i'm just telling you the bureaucratic overhang of that is incredibly significant. and so narrow, intense, legitimate. how do i get it out of the congress? i would ask the leadership. and here the president can play an additional role to put pressure on the majority and minority committee. put your pros on this committee, your center of the roaders on here. leave the idealogues over here. for the judicial community perhaps, sorry judge, or some other communities. you need pragmatic people here inside these committees. and then finally, this is hard stuff. i don't understand the virtue of term limits for members of the oversight committee as they get mastery of what you're telling them. they've got to go. it doesn't do what we need to have done.
>> an unfortunate turn. trend, that i think we have all observed is the plitization of intelligence with oversight. that's certainly occurs over the last decade plus in terms of congress. if i look back over before my retirement from government a model of a well working oversight relationship was chairman rogers, chairman mike rogers, not to be confused with admiral rogers at nsa, and roopesburger on the house intelligence committee. why they politicized issues and looked at intelligence for value and the value proposition to the nation. that was welcome. mind you, i am not suggesting less oversight or deeper oversight as you put it. certainly where we weren't seeing a mommy-daddy fight every
time in terms of it being politicized which takes you to the one bonus question for you. mike, you have a new book, "playing on the edge." this might be dust on the cleats. metaphors on the football field. one of the controversial topics remains the enhanced interrogations that were used in the immediate aftermath and subsequent couple of years after 9/11. you're the subject of significant criticism for how you characterize the intelligence there. do you have comments about, again, that intelligence value versus everything we have been talking about this morning? >> these are edgy decisions. they were never taken lightly. they were not done out of enthusiasm. they were done out of duty, sense of responsibility. we never did it because they deserved it, as some people suggest we should do in the
future. this was not about looking toward the past but toward the future. it was about life saving intelligence. what we did was up to the edge as defined by the department of justice in the totality of circumstances as we knew them to be at that time. necessity, proportionality, distinction. when i got to the agency, i changed some of the things because i had different circumstances. this is not saying it was inappropriate for those circumstances. i had different circumstances. we had two statutes that changed the legal underpinning. we knew more about al qaeda. we had a better sense of threat from al qaeda. i felt i didn't do away with the program, but i thought i could make some adjustments. remember, getting back to the proportionality that leads to governor actions when we have to make these difficult choices. the people at the agency belief that the historical record justifies the program.
the people believed we acquired information not otherwise available or not otherwise available in a timely manner. from doing what it was the agency did. it was an ugly program when it started. george tenet will fully admit to that. it was done on the fly. i talk about it in the book, 48 hours after they were told to leave langley, and so there were missteps and misjudgments. those were mostly early in the program. the longer it went, the more disciplined it became. i don't know what more is to be said. again, we believe the historical record is, as we have described it to be the senate democrats believe the historical record as they describe it to be. frankly, it's not my complaining about the question, but i just tire of the issue.
the agency is not going to do this again. it's not going to not do it because they thought it was wrong or ineffective. they are not going to do it because they thought they had a social contract with the government. when the director comes and says i want you to do this for me, the case officer gets to ask four questions. you think this is a good idea, boss? yeah. president? president has authorized it? yes, he has. attorney general said this was okay? mm-hmm. congressmen told? yes, sir, they have. at that point, he believes he has a social contract that the american republic has his back, not an administration. and that social contract frankly was violated. multiple cia directors when asked is the agency going to waterboard again and just respond absolutely not. again, not a judgment on what was done before. but a judgment on what happened afterwards.
i famously said if some future president wants to waterboard somebody, he better bring his own bucket because the agency won't do it. that's not necessarily a good thing. >> ben, often times it's said and i think you made reference to it with secretary gates you stand on an issue where you sit. is there any way to overcome that in building that stronger sense of community, as we face these incredible threats around the globe, none of which appear to subside because the status quo ante of the middle east are not returning to a pre-arab spring. so why is it that the bureaucracies get in the way of this, you stand where you sit? >> so you're asking can i solve the iron laws of bureaucracy? if i could i think i would be in a different position.
but more seriously you are going to have those iron laws of bureaucracy, those issues. that said, we have made a tremendous amount of progress on that. everyone who goes overseas that saw the integration of the intelligence community overseas, always came back and said the same thing, no matter what your political views are, no matter your views on these issues and how amazing it was to see the community sitting together in operation centers overseas a and -- >> the agencies. >> the agencies together. the intelligence agency, the people who think of mapping and geography and things that are far more than that. nsa with the signals intelligence. cia with human intelligence. with what it brings in terms of the tactical and supporting the military. having all those people together because they were forced
together, supporting in those cases the war fighter and other efforts. everyone came back and said, gosh, if we could replicate that in d.c. somehow, why does d.c. seem almost impregnable to what is going on overseas. we have tried to do things like joint duty which is taken from in terms of what the military has done with its joint duty across services and trying to do that in the community. it is a continual struggle to make what happens in a foreign expeditionary sense. including the fbi being over there and overseas thinking about what this will mean domestically and bringing it back in d.c. and kind of penetrating what seems to be the walls that are put up once you come back to d.c. there is always more progress so be made there. that's a place where the dni leadership of the intelligence community need to think beyond themselves. and to continually work that problem, because it will always
have a bureaucratic inertia to kind of slide back of i don't want to share my best people. i'm responsible for my agency. i need to think about doing the best for my agency as opposed to thinking in a community sense. we made progress but it requires continual attention all the time. because all of the forces are against that in some sense. that's a place where it was one of the reasons for standing up the dni to make sure the issues don't slide back to where they were where we don't have a sense of community. because what you saw overseas, is something that has a lot of uplift still to be made in d.c. we talked about cyber. that's an area that cuts across the agencies. having the capabilities and understanding across the communities, just absolutely critical. it can't be done in a weekly or monthly meeting.
you need to have the best people across the community fundamentally understanding what's going on at the other agencies to get that sime kind of uplift we saw overseas here, back domestically, at the headquarters level. >> mike, did you want to -- >> i would simply say we have come back to how critical the selection of that new team should the president elect in january of next year choose to replace any or all of the current ic leadership. how critical that will be both in building the trust and confidence, but in addition, as you described, ben, the ability of that team to get things done, such as security clearance reform. yes, one of the things that's really hard to do, not very attractive by way of headlines but everyone here knows we are still doing 150-page sf 86s just as one simple example in terms of security clearance process.
those sorts of things and working that together as a community. i would like to take a question. we are almost out of time. first hand up, please. >> this has been a most enlightening morning. i'm a soldier, no longer young. gentlemen, this has been a really enlightening morning. i'm a soldier, no longer young. my name is michael kraus. two wars, four continents, five contingencies. my question really becomes the existential threat from islamic state and the potential threat of nations that commit little green men to cross borders.
you spoke of intentions, you spoke of proportionality. are we using the intelligence mediums to secure borders well enough to prevent and enable decisionmakers to have p proportional reactions? and general hayden, as a soldier, i defer to the air force component. >> it's an absolutely excellent wrap-up question because it brings all these pieces together, the why, the how, and the what. in essence, you have created an interesting -- it's not a dilemma but a dynamic that the more aggressive i allow my intelligence to be, the earlier i will probably identify issus s or actions that i must take. thereby allowing me to do things almost certainly with a lighter touch, with fewer resources and
with more impact than would be the case if i were forced to do it later. men go to the islamic state. isis is really hard now. it was hard a year ago but not as hard as today. i can run that clock back to 2011 and decisions made with regard to american residual forces in iraq and so on. i mean, as time goes by, you lose leverage. and you don't get a pound of output for any pound of input. it works against you over time. i guess what i'm trying to say is if you disarm yourself with regard to intelligence collection, if you're too cautious with intelligence collection, you may very well box yourself into policy choices that are even worse than they would otherwise be. which then suggests if all the tools you have available, the one where you might want to think about being more rather than less aggressive is how it
is you do go about collecting intelligence, which has not been the trend line in the last couple years. >> excellent question. it really does wrap this up. i think the community has probably said the islamic state was a miss. they didn't see the rise islamic state and the taking of the territory. that's not a criticism of the community. it goes back to what general hayden says. which is you're dealing with very hard problems in setting the boundaries. just because i say something is a 1 out of 10 and that 1 out of 10 comes to pass, don't say we didn't warn about that. i think they said the islamic state was a myth and not a miss because of somebody doing something wrong, it's just difficult to understand the dynamics when we're dealing with human nature, the intelligence community as much as they can
do, you're making predictions about the future. is assad's army going to stay together? we can have lots of intelligence about their military capabilities, about their morale and state and funding, but when the bullets start firing, you know, is there going to be something that causes it to fall apart or are they going to stay cohesive and fight? what will putin do with little green men and others. these are difficult problems for the community to stay on top of. we are going to continually be challenged now. the problems have become more difficult, as general hayden said. that causes us to spend more on intelligence and be more aggressive with intelligence. in terms of how we use the intelligence community on the threats you identify to wrap up some of the pieces we talked about. this is over simplification.
but as somebody told me from the united kingdom, there are really two fundamental ways when you talk about intelligence and making cases and those kinds of things. those are sources and wires. sources being human intelligence that can be from spies and others. but it also is from people that you capture and gathering intelligence from them, and wires, we're talking about signals intelligence. the less capability we have regarding sources and the less capability we have in terms of wires, the less capability we'll have when we talk about protecting borders, the islamic state, when we talk about nation states like russia creating instability in places like the ukraine and elsewhere. >> as someone who handled the intelligence transition in 2008 and 2009, went from president bush to president obama, a very bad moment in january of 2017 on
the 21st of january would be something like this. the president elect after november has been receiving the president's daily brief. he sits in the chair as or she sits in the chair as president and says, okay, now tell me the secrets. that's a bad time for the dni and the cia and director of nsa and those as they sit around the chief executive of this nation. that has always been my concern. is that expectation of what intelligence can deliver in order to offer up where we started this conversation this morning on decision advantage. that is having information knowledge that the enemy does not know you have, in order to at least consider other options. and that chief executive of our nation says, now tell me the secrets, because right now, this doesn't quite cut what i thought you actually would provide me.
that would be a bad meeting. it goes to the heart of your question. are you collecting and analyzing and then delivering? that which allows that decision advantage along with the counterintelligence weight to that information, what you really know and what is assessment of what you know. >> in the book, i spent a whole chapter on a nuclear reactor in the desert, built with north korean help. we got there and discovered, presented it to the president with help from the middle eastern ally in april of 2007. this thing was damn near done. they have a cooling pond in the euphrates river. they were trenching the cooler water. for all practical purposes from what we could see, any day now, they could have been inserting
uranium into the facility. a bit of intelligence, we actually found it and we were actually right. it was indeed a nuclear reactor. we didn't give the administration much decision space at all. there are very few good choices when you have this near complete nuclear reactor in the desert. that intelligence process constrained the policy choices that the president might have had. if you are able to tell him 6, 8 or 12 months earlier. >> time is up. two minutes over. thank you very much for being a wonderful audience. i hope, as you said, this has been a valuable discussion on the why of intelligence, the how it's conducted, and what is it we get from it by way of informing sound decisionmaking. so please thank our guests.
all right. folks. as we get started again, running on time. it is a distinct pleasure to introduce the second panel. if you notice the way the program is structured, we want to start with the big question. why we collect intelligence and drill down a little further. into counterterrorism and collection authorities and the rule of law piece, which was touched on in the first panel. i can't think of three better men who have lived this and worked in the area than the three you see sitting before you.
my close friend and colleague paul rosenzweig is going to guide the discussion. paul is a distinguished visiting fellow here at fairtaheritage. he also served as a deputy assistant secretary at homeland security and other distinguished posts throughout his career. he owns his own consulting firm called red branch which does valuable work. in the private sector. and so i'll turn it over to paul. >> great, thanks a lot, culley. appreciate being invited to moderate this panel. though you did caution us against too much of an introduction. i would be remiss if i didn't briefly mention my two panelists here, matt olson, to my far left, is a graduate of the sadly not going to the final four, university of virginia. and harvard law school. and he's a former director of the national counterterrorism center, a position to which he was appointed by president
obama. he's prersently co-founder of business development strategy at iron net cybersecurity, a firm he founded with keith alexander. to my immediate left is mike mukasey, who served as a federal judge in the southern district of new york from 1987 to 2006. after a very brief stint in private practice, he returned to service of the country as attorney general under president bush. he's now of counsel with a new york law firm. the title is counter terrorism collection authorities and the rule of law which when you think about it starts with something of a conundrum or conflict since intelligence and espionage is at the core fundamentally a lawless activity, when we send signals intelligence people to penetrate china or human intelligence people to penetrate
iran, they are by definition almost violating the laws of those countries. likewise when the russians send somebody here it is certainly a violation of american domestic law. yet the hallmark of american democracy, one of the hallmarks of american democracy is our commitment to the rule of law. the idea that we are a government of laws, not of men. and that our officials act within the bounds of law. the american experience with that tension, if you will, has been of varying intensity. it goes back as far, my favorite first story is henry clay, who famously said as congressman that what the president did with his secret intelligence community was of absolutely no interest to congress at all and should not be. fast forward, of course, to the 1970s and the significant oversight put in place by congress in the wake of the church and pike commissions. fast forward to 9/11. the perception of heightened legality requirements as having
constrained the effective collection and use and analysis of intelligence. we have had this discussion for over 250 years. i think it's best captured actually by the title of general hayden's book that we just heard about, pla"playing to the edge" which reflects his statement that in the wake of 9/11, we moved to the edge of what we perceived to be lawful. that suggests of course congress up until that date, we were playing back from the edge. we were playing with a great deal more caution, perhaps because of the requirements of legality and the perception of the requirements of legality. the requirements of lawful conduct stand on grounds of accountability and more importantly transparency that are sometimes in great tension with the requisite secrecy that is the effectiveness of intelligence collection.
in this panel we want to talk about some of the contemporary issues in law that are in our immediate past and in our not too distant future as we look at how law can modify and regulate intelligence collection, and more fundamentally, whether it's actually feasible to have an intelligence community that acts within the bounds of law in the intelligence community and still be effective in some way. with that very brief introduction, i want to turn to one of the most notable programs that is in the news today and will be in the news in the next few months and years. it is known as the section 702 internet surveillance program after the section of law in which it's grounded, is the section that authorizes surveillance of internet traffic for foreign intelligence purposes broadly speaking.
the law is up for renewal. next year. some in congress see the need for amendment. others think the program is working fine as is. so let me start with you, general mukasey and then after him, matt. do you see any legal weaknesses in the statutory or constitutional underpinnings of section 702 and the program at all? >> i don't see any constitutional weakness in the sense that we have to remember that the constitution is not a treaty with the world. the constitution protects united states persons who are united states citizens whether here or a abroad, and protects anybody, u.s. citizen or not, if they're here. it doesn't protect everybody in the world. as a result it is perfectly constitutional to authorize our intelligence agency around the world to collect what they can
and need which is what section 702 does. that said, we just heard in the last panel about a presidential directive that confers on people overseas, american citizens or not, the same protections americans have and candidly that gives me some pause. to the extent that order impacts our intelligence collection, i assume it does. otherwise it wouldn't have been issued. i am -- i wonder whether that constraint gives us the flexibility we need. >> if i could indulge a little bit, i'll go back to your opening commentants, what you said about nsa, i was a general counsel on nsa, and i teach a law school class now. i made exactly the same point you made about the role of espionage and being the head
lawyer in an agency like nsa carries with it certain challenges because after all, nsa's job is to go around the world and largely break the laws to collect intelligence. the key is they don't break the law of the united states. your point being in your opening comments all about we live under rules of law in this country and my experience in nsa was this is taken extraordinarily seriously by the men who work at nsa. at the same time i would say going to general hayden's metaphor, and we have had an opportunity to talk about the chalk on the cleats metaphor, which i think is exactly right from the point of view of an operator. you need to be on the line. you need to have chalk on the cleats. that's the expectation the american people place on leaders in terms of protecting the country. the point from the legal perspective is that makes your job hard as a lawyer. even though that's the right
approach, this metaphor, to take it further, of chalk on the cleats, you know, that sort of in a certain way from a legal perspective, supposes that that line is readily discernible, relatively straight, and static. none of those are true. the line of legality from the point of having to advise the general hayden when he was director of nsa or the director at cia, that line is sometimes not clear. right? the legal line is sometimes not obvious, as a lawyer trying to discern it. it's also not a straight line. you know, it moves in zigzags, really, i think. again, metaphorically speaking, and it's dynamic. subject to interpretation with the executive branch often from congress and the judicial branch. to take that little opening comment, the complexity that this discussion today right now on the rule of law and our
intelligence capabilities presents some real complexities for the lawyer operating in this space. which is now then to say 702 is an extraordinary statute in reconciling competing interests and it really is the consequence of years of experience going from the church committee to fisa to 9/11 to changes in technology to judicial decisions, multiple two separate efforts by congress to come up with 702, and then finally, 702, which represents, i think, a delicate and really elegant balancing of the interests at stake. so from my perspective, it is sound to go back to your question, it is sound constitutionally and statutorially. i think, if you want, i can give you insights into the operational aspects, which is
importa important, too. >> i want to look at your discussion about the uncertainty of the line actually prompts a slight change. what do you both think? you served in high legal advisory capacities within. within the administration. what is the role of the lawyer? is it to tell your operator how to get as close to the line as he thinks he needs or is it to council caution and tell him get this close and no closer because there's this uncertainty, and as your lawyer, i want to make sure that you're on the good side of the line? in the first amendment, we had this doctrine about staying far back from the line because we don't want to go too far. as counsel to people in the intelligence collection community, how did you perceive your role and how would you approach that problem, just generically, without reference to 702.
>> in general terms, it was up to the policymakers and the operators to determine where within those lines they could function. occasionally, they would come back and say look, we want to do x or y or z. legal or illegal. at that point, yes, you have to -- it is about line drawing. i should tell you as matt just pointed out, some of those lines are not bright. for example, 702 permits, doesn't permit it, it recognizes there are going to be incidental collection of information about u.s. persons overseas, when you're setting a wide net, casting a wide net, you're necessarily possibly going to bring in some information about u.s. persons that is not permitted to be your goal. it depends on the good faith, both of the people who are using
702 and the people who are overseeing the people who are using 702. that is, you gather information on the u.s. person. it has to be incidental. to what it is you're doing. you can't conduct an investigation for the purpose of gathering quote/unquote incidental information about the person you're really interested in. that's what tnot what the statu contemplates and that's going to get you in deep trouble. jack goldsmith in an excellent book published back in 2007, or 2006, i think, described what he called cycles of aggression in the intelligence community. and that is what we have been living with over the last several decades, where the intelligence community goes too far, and is criticized, is yanked in. people are disciplined.
they then become timid, and then we have hearings about how come you didn't connect the dots? remember the 9/11 hearings were all about connecting dots. now, we're having a debate about whether you're permitted to gather dots in order to be able to connect at a later date. so the cycles continue. which is regrettable. >> i completely agree with judge mukasey on this point in terms of the role of the lawyer and the importance of line drawing and the difficulty in doing so as well as the challenge and danger of the sort of pendulum swinging and what you see, how that impacts particularly lawyers, not just operators, but lawyers and the advice they give and some of the danger inherent in having lawyers who become too risk averse, because it's often easy to say, no, it's often safer to say no than to say yes. but you know, when i would
advise lawyers at nsa and justice as well on this question, you know, i think there's sort of the -- there's you have multiple roles as a lawyer for the government. in some cases, you are simply advising on what the line is, where the line is, and what the legal rules are. and i always thought it was important to be explicit that you are now talking about the legal rule before you perhaps are asked to give your government about the policy. okay, that's the legal rule. to your question as to should we stay back from the line to avoid the danger of potentially going over it, now you're in a policy realm. you're starting to give advice to someone who is accountable for using the information, a lawyer or not, on the policy judgment. you can give advice on that, here's my thoughts on the wisdom of that course of action, but you should be explicit that that is now a policy judgment so that the decisionmaker is not confused to think that what you're saying is, you know, that
option is off limited because it's illegal. i just think making it very clear distinction about where the legal lines are and where the policy advice is, is really important. >> let me press on that a bit. one of the things you said earlier that really struck me is that the line is often indefinite. the choice of how you express that line to your client is sometimes not a policy choice but a quasi-risk choice you make. so do you give your client both lines? this is the maximal line, the minimum line, or do you -- >> i think that's exactly right. you might say, in an abstract level, this is clearly over the line. in these range of options that are close, and you would express it i think in terms of risk. there's some risk. the risk could be a court could look at it differently. judge mukasey in his role as chief judge in the southern
district of new york, could look at it differently. there could be risks that congress could look at it differently, the american people could look at it differently. so there's risks. yet, in expressing that as a risk calculus is the way to think about it. and when you talk about fourth amendment questions where the touchstone for fourth amendment is reasonableness. nothing more specific than that, a body of case law behind it, but the body of case law typically applies to police officers on the street, not intelligence officers overseas. you know, there's not the same degree of case law building up behind what reasonableness means. that makes this really difficult. and i think an appreciation of that is important. >> there's danger in pulling back. too far from the line. i think we saw that before 9/11, when at the justice department, it was felt that the sharing of intelligence information with criminal investigators was something that they barred.
so this wall was created, in which the intelligence gath eres could not notify the criminal investigators of what they find. it turned out in subsequent litigation that that wall was a figment of their imagination, but we may well have paid a price for that on 9/11 when two of the hijackers sought by the criminal folks came into the united states. the intelligence people knew that, but they couldn't communicate with the criminal folks, and as a result, the fellow with the controls of the airplane that hit the pentagon was not detected. >> so let's circle back to 702. you wanted to give us a little bit of 5operational context whih could be helpful for the legal questions i want to ask next. >> it's important as we talk about the legal issues around 702 to take a moment to think about and consider the operational effectiveness of it. my last job, i was at the national counterterrorism
center. from that vantage point there, was no single authority that was more important to counterterrorism and our u.s. counterterrorism efforts than section 702. it was -- it provided a significant proportion of the intelligence reporting that we received on counterterrorism targets, networks, plans, locations. you know, a day did not go by that an intelligence report that i was reading didn't at some -- have some part of it the contribution was from section 702, to the point where analysts knew this came from 702 collection, a statute that was just a few years old, people would say this came from 702. i looked at the privacy and civil liberties oversight board's report on 702, which is really the definitive account, a couple hundred pages review where they had access to all of
the classified information, and they concluded that section 702 had directly enabled the thwarting of specific terrorist attacks aimed at the united states, and that it identified the specific terror attacks aimed at the united states. identified the targets of the attacks, the means contemplated to carry out the attacks the names and identities of participants. they recognized, acknowledged that the value is difficult. and just lastly, if i can say, many of you are aware of the zogby examples in new york city, attempted bomb plot. that is largely attributable, too. that was for 702. >> i think also need to establish fact on the valuing 702 simply for its ability to stop particular plot at particular times. we're talking about intelligence standards. if you're talking about stopping
a plot when somebody is about to chamber around. then you're not going to find a whole lot of plots that are stopped by particular programs but that's not the tick way in which intelligence is used. it's used as part of a whole. it's used along with human intelligence. it's used from open source material that you heard from general hayden. when you put it all together that allows you to get to the point where somebody is chambering around. >> so, it was mentioned earlier, the one aspect of section 702 program that has generated at least some congressional concern and pushback. and certainly a fair amount of concerns in the ngo community is this idea that information can be collaterally collected during the course of a foreign intelligence investigation about an american citizen. or a u.s. person more formally. and legally.
many and even though the collection of that information were not to have been the express or authorized purpose of it, that information once collected is, according to critics, now usable for foreign intelligence purposes. and they are concerned possibly even shareable with other law enforcement or domestic nonintelligence purposes. that, to my mind, is going to be the grounds, if any, the major portions of the discussion of the section of 702 program when it comes up for reauthorization. so, a couple questions flow from that. your perception of the frequency with which that happens. your perception of the legality of it. your perception about whether or not there are ways of modifying the program to avoid or minimize the problem. and ultimately your opinion on
whether or not this is the critics say a category mistake that is allowing collection that does in the end attach to american citizens without the full panoply of fourth amendment. it's a big question but kind of an open -- >> the key operative word here is incidental. and consider what happens to intelligence that's gathered incidental to intelligence being sought about foreign persons. you gather intelligence about a united states person. are you then to disregard it? what if it tells you that a united states person is about to commit some sort of mayhem? i think it's ridiculous, quite frankly, to direct that a piece of valuable information be disregarded simply because it was scooped up incident tool a perfectly proper investigation.
that piece of information is something that ought to be used and is used, the same way as other information is used which you obviously have to protect against is the expansion of investigations for the purpose of conducting quote/unquote -- gathering, rather, incidental information. and that depends on the good faith of the people who administer the program and also the people who oversee it. and there's plenty of oversight as pointed out in the last panel. you're talking about the madisonian trifecta. you've got oversight from within the executive. you've got oversight from legislative -- multiple legislative communities. and you've got oversight by a court. >> i agree with those points. i mean, as judge mukasey said, imagine what the alternative would be. what 702 allows is a mechanism under judicial oversights by the power of the court to obtain
orders, broad orders that allow the u.s. intelligence community to then target specific individuals who are deemed to be not u.s. persons and outside the united states. those are the two critical elements. you now have authority in the intelligence community with court oversight, congressional oversight to target selectors with e-mail addresses. someone who is overseas is not a u.s. citizen. you're doing that in the counter terrorism realm. you're doing to see if that person say terrorist is seeking to carry out terror attacks. you're not seeing the information that person is creating, for example, via e-mail address. and now what happens, that person that the analyst is following communicates with somebody inside the united states. and communicates some sort of attack plan. and at that point in time, you now have -- you really have
achieved what exactly you want to achieve as an analyst. you now see this person who is in, say, yemen, is now communicating with somebody in new york city. so, you now have -- and they're talking about attack. the alternative -- what would be the alternative to then focusing on that person in new york city? that would be right not to ignore that. what happens, in fact, once that person in new york city becomes the focus of attention, then the rest of the statute kicks it, 1978, which protects u.s. citizens is now requiring the intelligence community with the lawyers to go and obtain a probable cause, essentially an order -- essentially a warrant to target that person in new york city. and then the correction focuses to that person. that's how it works in practice. that exactly is how it worked in
the case i mentioned before of zogby. the person in denver, communicating with a target in pakistan. and they shared information about a bombmaking recipe. that allows the intelligence community now to focus on this person in the united states, in aurora, colorado, and understand that he was planning to travel, which he in fact did to new york city to carry out an attack on the new york subway. that's how it works. and beyond that, the information that's incidentally collected about the u.s. person in that scenario is subject to as judge mukases said to privacy. for example, you cannot disseminate information about that person. and it's also to oversight. and the last point i'll make is that when 702 was hacked, a
number of folks in this room were part of that effort, as i look around the room. there were a couple of compromises that were adopted to protect u.s. persons. one was that for the first time a judicial order was by the fisa court to target anyone around the world. us of the united states, with the fisa court ordered to do that. and one other is that there are a series of provisions for a reversion target which basically said the government cannot target somebody overseas under the statute 702450 is not a u.s. person in order to collect against a person in the united states. that would be the other way around. that was by the statute. again, to my mind, the statute does a very good job of balance and acting compromise. >> one of the -- you mentioned minimizization procedures. one of the other criticisms that
i've sometimes heard from people worried about the program is that the procedures themselves and the adherence to them are themselves not subject to judicial review. but rather, only to administrative and executive branch review on a case-by-case basis. the overall procedures themselves are approved. but whether or not we've succeeded in applying them to rosenzweig does not get that. does that criticism merit our concern? >> actually, it's not entirely true. the failures, if there are failures within the system, have to be reported on a periodic basis to the fisa court. and when there are failures, those can be reviewed by the court either one at a time or engros. they are largely reviewed for the purposes of determining
whether there's a problem with procedures and those are adjusted one way or another. >> i think that's exactly right. i think you get -- the court would review and approve the minimumization procedures at the outset. anytime there's oversight within the executive branch of the procedures it's not just done by the intelligence agency, but also done by the department of justice and if there are compliances used there, the court can then amend those procedures to account for those compliance issues. and if anything strikes me -- and i guess the other thing that happens is if there is an instance where this information were ever to be used in a criminal case, the defendant would then have an opportunity to challenge the application of the minimumization procedures in that particular case. there would be another opportunity for judicial review. is which not unlike how it worked. >> so, let's wrap up the 702 discussion with a final question. it's going to come up for review
next year, or renewal, i guess, if it doesn't get renewed, it lapses. your recommendation to congress? re new as is, let lapse or renew with modifications, what, if any? >> the only modification i would suggest is to eliminate the sunset provision. as far as i know, al qaeda does not have -- the islamic state does not have a sunset provision. in any of their campaigns or any of their orders. the various thought was authorizing the murder of americans do not as far as i know have sunset provisions. i don't think -- it's always open for congress to change the statute. but to require that we go through this every several years doesn't make for continuity and
intelligence gathering and for the ability of the intelligence community to plan long term. we can do it this way. and general hayden is probably the most tolerant of this whole thing of anybody that i've ever seen. if that's the way we're going to do it, then that's the way we're going to do it. but i think we ought to do it with our eyes open and with awareness that we are in a sense handy kwaping ourselves purposely and at the time for no purpose by imposing crimes like that. >> before you answer that, if i may, general, we mentioned earlier the policy decision extending the privacy rights to nonperson citizens, would you recommend that that be considered and modified in the course of the legislative consideration? >> you mean, to eliminate that presidential direction? >> well, you critiqued it. >> i did. yes. >> could it prohibit it?
>> it could. it could. it is something for which there is neither need nor sanction. as i said, at the beginning, the constitution is not a treaty with the entire world. and if you want to go back and take a little long view of this, the folks that drafted the constitution did in-t in the summer. they did it under conditions of strict secrecy. they kept the windows closed. it was a hot summer day in philadelphia. they kept all of the windows closed. nobody was to discuss it that time or afterwards. including in the constitution itself there was a directive, for example, congress publish a journal on the regular basis of its proceedings, except for those parts that it thought ought to remain secret. these are practical people. they were drafting a document
for other practical people. >> matt. >> on the question of 702 and sunset and reauthorization that next year with the sunset with judge mukasey, i would eliminate the sunset provision. and wait until the final hour to renew it and then operationally prepare to pull the plug or be in the program. not a way to run the intelligence community but the more fundamental question of does it need to be changed, really the answer is no. as i mentioned before 702 is years and years of effort to reconcile competing interests. it reflected judicial decisions, executive branch experiencing legislative efforts. it came up with this compromise. and then now have really a
authoritative, definitive report from the privacy oversight board found that it was operationally ostensible basically. and that it was lawful, by the constitution fourth amendment. and so there's really no problem solved that anyone's identified. as far as i know there have been two district court decisions. one in oregon in 2014 and one in the eastern district of this year that looked at the discretion under 702. in both cases, these judges, not fisa court judges, found that it was constitutional and lawful. so, it works, it's legal, there are problems with it. >> just to a point that matt had, and that is the criticisms of it have been hypothetical criticisms. not criticisms based on real instances of abuse. in other words, people sit and contemplate the possibility that
somebody could have used 702 if they had mind to do it. apply that to the local police department. a police officer could abuse the power of arrest. fact of carrying the weapon that is not a reason to withhold arrest powers, not a reason to disarm police. and the i want possibility mb of the mind to do it and ahas the time to do it who considers their job of preventing attacks allows for recreational use of 702 to abuse it, i think is really out of order. >> so, speaks of the privacy and civil liberties oversight board for those of you who don't know is a five-person board staffed by three republicademocratic ap
and two republican appointees. the board has announced it's conducted a review of 12333. and the charter of the intelligence community sets out rules and responsibilities, contains summary substantive restrictions. for example, restrictions on assassination. that report, too, is likely to come out later this year. let's talk that from a legal perspective. in your view does eo 333 everybody or more statutory? >> i don't think it has any grant within it or its intended to do it. really from the standpoint of the intelligence community, i
think it defines the lanes in which each of the entities within the intelligence community come from. it doesn't itself grant authority. the authority is granted by statute. it's granted by constitution. it's granted elsewhere. the executive order itself doesn't have a grant of authority. it has assignment of responsibility for exercising authorities under statutes that are already existing. and it succeeded if you heard -- has succeeded as you heard from the last panel largely because the components of the intelligence community get along. and that's -- there's no such thing as an order that's going to enforce itself. and so, it depends to a large extent, on the ability of people within the agency to communicate with one another. and to be aware of one another's
boundaries. >> let me press on that just a bit. some critics have suggested that eo 12333 actually expands beyond statutory grant some investigative authorities nominally or almost exclusively under authority of the executive branch. do you think that's a mischaracterization or is it fair to say? >> i think it's fair to say. i think it -- it's a mischaracterizati mischaracterization, that it expands on authority. i think what it does is make the statute. congress can also pare back it it close to do so. but paring them back by executive order i think would be a huge mistake. one of the gaps -- obviously one of the gaps in 12333 is cyber.
and that is something that going to have to deal with -- going to have to be dealt with statutorily. i know when i went out to nsa and talked to general alexander, he said that he had the power and the authority to do something about incoming penetrations of the defense department. incoming penetrations possibly of the dotgov. i can do something about dot goff. >> judge mukasey has it right. it bears repeating it is a document -- the foundation of
documents that assigns responsibility to the agencies within the intelligence community. and it has limitations that we'll talk about on those authorities. but it just operates on the backdrop of authority already granted. so there's no new authority in executive order 12333. i say that i have to add, we within the intelligence community, we probably have muddied this up a bit ourselves. we will shorthand refer to 12333 collection. suggesting that there's an authority in 12333 that's denoting. really what that means, essentially that means a collection outside of fisa. outside of some other statute that regulates that type of activity. so it did not -- we did not authorize that collection but we will use that as a shorthand
12333 collection really to distinguish it from what we just talked about. for example, 702. >> give us an example of one of those -- there's obviously a larger audience on c-span, give us a couple examples of that. >> so, in speaking generally, so collection that would be carried out outside of -- in terms of surveillance activity. 12333 is much more than surveillance activity. it's all the activities and analytic as well. in terms of collection activity, you think of surveillance side, it would be conducting surveillance outside of the united states. not targeting a u.s. person. and not really relying on -- not relying on the service of a u.s. citizen. so say, a cia safe house in a t
abotbad. looking over a house. i'd be general about this. nsa activity that day conducting a target, where you're not targeting u.s. persons and you're not relying on u.s. service providers, internet providers. so, that's a broad swath of activity, though. what i just described is really, you know in large part what nsa does, right? so when we talk about 12333 surveillance or 12333 collection, it's a broad set of activities that just isn't otherwise regulated by something like fisa. >> i think it's 12333 activity and largely 12333 assigns to nsa the responsibility or gathering generically that kind of information, based on the powers of the executive to defend this country. and obviously don't need to get the authorization to go some place else in the world and learn something that could conceivably be of value to the
u.s. government defending themselves. >> so then, it's fair to say you would characterize 12333 exclusively as an organizing document? not as a ground or source of any authority that is exercised by any of the intelligence agencies? >> yeah, except that it's important to say it's an organizing document but it's also a communication document. so it includes restrictions and limitations on activities, you know, which i think really from the point of view of nsa operations, other than as judge mukasey, the a sign meant or activities. >> let's put you both in the role of senior national security legal advicer to the next president of the united states. whoever he or she may be.
and they look at you and they say, i'm thinking about revising and reissuing executive order 12333. what of the restrictions in there should i get rid of it? i want to be more aggressive, in a heightened sense of post belgium, post-france, post-pakistan. what restrictions can be removed without entrenching upon constitutional or statutory limitations? conversely are there any restrictions we should add? what's your recommendation? >> the only point of restriction i can think of that i might remove is the authority of nsa. at least, to pass on information about potential damage to the
private sector from hostile cyber activity. nsa gathering intelligence, but gathers it in outward looking fashion. restrictions like warning people what's about to happen to them i think is something that ought to be at least challenged. >> yes, i agree with you, i think cyber is an area that 12333 did not address in a way that helps sufficiently guide the rules and responsibilities of the agencies within the intelligence community. that would be something to try to tackle, but, you know, i do think my first advice would be, you know, step cautiously. >> do no harm. >> yeah, do no harm. and remember that these rules have evolved over several decades now going back to 1981.
and maybe talk to general hayden and others involved in that effort. i think that largely it works, you know, in terms of those -- the general body of restrictions, including, you know, the basic ones on prohibition, on assassination, but more importantly and more relevantly saying, for example, the cia is generally there for engaging in intelligence for the unites. the fbi is the only intelligence element that can conduct intelligence searches in the united states. these are civil liberties pouring in and restrictions that assign responsibility to particular agencies for what they're doing. cia, not in the united states, fbi searches in the united states. and there's a lot of sense behind these so i would be go ig cautiously in trying to remove any restrictions. >> okay. so, let's pivot once more to
another kind of area. this one is more speculative, and looking forward a bit. but we're on the cusp of the development of a host of new and novel collection platforms, i would say, for anybody who has seen "eye in the sky" by the way, i liked it. one of the things in there was a drone the size of a beatle that was deployed as part of the activity which i understand is not part of the operation but not very short. so, we're going to be looking at drones. we're going to be able to deploy large scale facial recognition technology. we're going to have large data collections that are capable of big analysis. broadly speaking, how should law
approach that? are current laws sufficient? or do you think that the novel collection technologies are going to require us to update collection rules? let's start with that generally, as a general question. >> in need of modernization to accommodate technology. >> generally i would wait until the new technology impedes or attempts to impede on somebody's privacy, before deciding to limit. as, i think we have to keep in mind that there are other -- there are other entities in the government that have an interest in this. wholly apart from the federal government. that is state and local governments. for example, things like drones,
there is talk of having the federal government be the sole regulator of drones. that, i think, is a big mistake. that's not to say that federal agencies should not be permitted to use them when otherwise appropriate under statute. but to have one regulation governing what going on in the backyards of every state in this country i think is a bit of a mistake. >> i think -- i agree. sort of we ought to take this integrally. there's no question that technology is making great advances in tellers of processing power, computer, technology, like you described the ability to amass and store large amounts of data about us. to accommodate that data to private companies. so the question is how should
law respond? you know, an example of that in the conversation over 702, it took a while for us to update fisa who responses to technology changes. i think one lesson we get, it's not a -- it's standard for the law with technology. >> just a catching up, a legal rule to make them as well adapted to the pace of technological change. so i would say, you know, the fourth amendment has been around for a long time and serves us quite well. has proven to be sufficiently adaptive and agile to continue to be more or less to be the right way to balance the competing interest between national security and domestic recruit and protection of privacy and civil liberties. i would caution that we anticipate which direction that
technology go. another comment, and i'll stop at that point. >> you mentioned for example facial recognition technology. that obviously is going to allow for great advances in intelligence gathering and in solving problems. on the other hand, do i want the government to have cameras on every corner and a bank of information about me and where i've gone every moment of my life and be able to consult it? no, i don't. on the other hand, we are long distance, in that, and long distance in the possibility that anybody would consider doing that. and that's not a reason to forego the use of that technology. where it can be used effectively to deal with problems that are in the here and now, without worrying about, anticipating science fiction problems. >> let's stay on that. of course, you're a good
lawyer -- great lawyer, indeed. so, now, you're in the next administration, and you're the cia director comes to you and says we can deploy this. we can start capturing pictures out of cctvs that are in london without the brits' knowledge. let's make it france so i don't cause a problem. you know, i take it that your expression would be in terms of foreign intelligence, no problem at all, because we owe foreigners no protection from the fourth amendment? >> yeah. and the question would be, to what end? we can capture it for intelligence gathering purposes. you can't capture it for recreational purposes. >> for the foreign intelligence -- paris -- i can could thing of an argument pretty easily. paris has now been the target of three attacks in the last five
years and is likely to be targeted more. we have a great database of pictures from iraq and afghanistan of known terrorists. we can create an early warning system. we're also going to have to incidentally collect facial pictures of every american along the way and minimize and disregar discard them. what principles if any should guide a program like that? >> well, you named two, minimize and discard, for openers. if somebody doesn't match up to a list, to a group of known terrorists, then you're not going to be banking those images. you're going to use it to compare to people you already know about, not to simply gather it to keep in a trove, in case you should come up with somebody.
you might want to trace. >> yeah, i mean, the rules under 12333, what we were talking about before, the executive order, which require every agency that conduct foreign intelligence, cia, to have rules, specific rules to designed to protect the u.s. person. every agency has a set of rules. in your scenario, the rules that would apply would be, one, if you can't search that data for a u.s. person. so, for a known u.s. person, unless you have possibly cause binding from the attorney general for that u.s. person. so, that's quite protective of the u.s. person, can't use that data and search it without approval from the attorney general. you can't keep information about a u.s. person for more than five years. and you can't disseminate information about a u.s. person
unless necessary to understand foreign intelligence basically. so these rules that are adapted approved for all of this activity including the type of activity you described. >> do either of you think that the lawfulness of a collection methodology is dependent on the efficacy or inefficacy of methodology which is to say, increasingly coming out of the back end to get more information that has been previously been collected? some all this the promise of obscurity. too difficult to analyze, that we weren't concerned with the alleged collection. today, analytic capability is going through the roof, in terms of its possibilities, facial recognition. good example, metadata analysis, another good example.
does improvement in analytic capabiliti capabilities ounces methodology? >> i think couldn't it ounccou s is the metadata collection program that allowed us to keep a trove of telephonak metadata when consulted when we had a run-in number that we knew was terrorist related. in fact, we limit the use of the database in that way, then you can take advantage of the analytic capability, and yet prevent, for example, simply data minding all data for
profiles of a person or for other purposes as well. but it's how you only your analytic capability, not how you limit data collection. >> yeah, i think that's exactly right. i mean, look at -- analyzing the fourth amendment out of the collection program depends on part how the information is -- how it's reprocessed. how it's analyzed. how it's taken. so to answer your question, yes, it is relevant to consider how information is handled or analyzed in terms whether or not it's lawful, at least looking at it under the fourth amendment. i do think you don't have to look very far for another example of this issue and we're waiting for it on this question of the ability of the government, not just the government, but technology to only analyze massive amounts of
data, store massive amounts of data. there was a case ruled on in 2012 here in washington, d.c. the police department, fbi here in washington. while the caseworker decided on these grounds, this was a case where she just had to stay on the car -- multiple weeks, 28 days. and some members of the supreme court were very westerned about the fact that this was a lot of data to be able to collect on an individual. even though that person was exposing themselves by driving around. so they were exposing themselves publicly. maybe this happened in a day or two days. but the fact that amount of data was being captured on this person for 28 days. then they're going to store that, analyze it. and alook for patterns and really learn so much about a
person's life and implicate the privacy to that extent is a concern for the court. i think it's the vanguard official live looking at some of the documents that underlie the fourth amendment for the third party rule which basically says, once you turn information over and expose it to a third person, you no longer have a reasonable expectation. >> that was actually going to be my next to the last question. you're all going to have a chance to ask questions in about five minutes here. so think of questions you might have. but a large fraction of what the intelligence collects it does not necessarily collect directly. it collects from third parties, whether it's telephone operators or police departments or google, you name it, there's just a host of new colct