To protect whistleblowers…

Written By: - Date published: 2:14 pm, December 17th, 2016 - 16 comments
Categories: accountability, activism, Spying - Tags: , ,

One of the claims made by Edward Snowden was that there were no effective channels in the United States’ National Security Agency (NSA) to point out probably illegal programs of spying on US citizens, and morally questionable uses of commercial spying against allied nations. This claim appears to have been spectacularly validated on thursday with a POGO report that the NSA’s Inspector General, its final whistleblower protector, has been suspended for retaliating against another whistleblower.

While this report from POGO hasn’t been confirmed as far I can see 1. However they are a reputable organisation, so I have no reason to mistrust it. In fact their mission reads like what the Taxpayers Union is meant to be like if it wasn’t a Act/National partisan front.

Founded in 1981, the Project On Government Oversight (POGO) is a nonpartisan independent watchdog that champions good government reforms. POGO’s investigations into corruption, misconduct, and conflicts of interest achieve a more effective, accountable, open, and ethical federal government.

The POGO article states

Until just a few months ago, George Ellard occupied a position of trust as top watchdog of the National Security Agency, America’s principal collector of signals intelligence. Ellard was not only NSA’s Inspector General, but an outspoken critic of Edward Snowden, the former contract employee who leaked hundreds of thousands of classified emails to publicly expose the agency’s domestic surveillance program. Snowden claimed, among other things, that his concerns about NSA’s domestic eavesdropping were ignored by the agency, and that he feared retaliation. Ellard publicly argued in 2014 that Snowden could have safely reported the allegations of NSA’s domestic surveillance directly to him.

Then last May, after eight months of inquiry and deliberation, a high-level Intelligence Community panel found that Ellard himself had previously retaliated against an NSA whistleblower, sources tell the Project On Government Oversight. Informed of that finding, NSA’s Director, Admiral Michael Rogers, promptly issued  Ellard a notice of proposed termination, although Ellard apparently remains an agency employee while on administrative leave, pending a possible response to his appeal from Secretary of Defense Ash Carter.

The closely held but unclassified finding against Ellard is not public. It was reached by following new whistleblower protections set forth by President Obama in an executive order, Presidential Policy Directive 19. (A President Trump could, in theory, eliminate the order.) Following PPD-19 procedures, a  first-ever External Review Panel (ERP) composed of three of the most experienced watchdogs in the US government was convened to examine the  issue.  The trio — IG’s of the Justice Department, Treasury, and CIA – overturned an earlier finding of the Department of Defense IG, which investigated Ellard but was unable to substantiate his alleged retaliation.

“The finding against Ellard is extraordinary and unprecedented,” notes Stephen Aftergood, Director of the Secrecy Program at the Federation of American Scientists. “This is the first real test drive for a new process of protecting intelligence whistleblowers. Until now, they’ve been at the mercy of their own agencies, and dependent on the whims of their superiors. This process is supposed to provide them security and a procedural foothold.”

“The case, which is still in progress, offers hopeful signs that the new framework may be working,” Aftergood added.

POGO learned of the decision against Ellard from sources who spoke on condition of anonymity. The information was later confirmed by government officials. POGO has been told that mention of the finding will appear in a semiannual report (SAR) of the Intelligence Community IG (ICIG) that should be released in the near future. It makes brief mention of the case without citing Ellard by name.

CommonDreams has a pretty good analysis of the implications in the US. In particular to the extent that it shows that Edward Snowden was correct in not pursuing attempts to point out the legal and ethical issues with various NSA programs within the whistleblower frameworks at the NSA.

Politico reported on Ellard’s 2014 comments:

“We have surprising success in resolving the complaints that are brought to us,” he said.

In Snowden’s case, Ellard said a complaint would have prompted an independent assessment into the constitutionality of the law that allows for the bulk collection of Americans’ telephone metadata. But that review, he added, would have also shown the NSA was within the scope of the law.

“Perhaps it’s the case that we could have shown, we could have explained to Mr. Snowden his misperceptions, his lack of understanding of what we do,” Ellard said.

Yet documents confirmed earlier this year that Snowden had, indeed, reported concerns to several NSA officials—who took no action and discouraged him from continuing to voice concerns. Moreover, as Snowden toldVice News: “I was not protected by U.S. whistleblower laws, and I would not have been protected from retaliation and legal sanction for revealing classified information about law breaking in accordance with the recommended process.”

Ellard’s 2014 criticism of Snowden appears particularly threadbare after he has been found personally guilty of whistleblower retaliation.

Hopefully the NZ intelligence community have taken notice. Having people who operate with organisational malice towards whistleblowers inside organisations is a damn stupid idea. Sure they may be mistaken in their analysis. However having vindictive idiots trying to prevent short-term damage to their organisations is just a route to causing long-term harm to them. Whistleblowers may be people with a grudge (god knows that I get a lot of email like that) or with ethics that aren’t those of the organisation. However they will also act as the conscience against the embedded group-think of any organisation.

If you can’t operate with reasonable levels of transparency and clarity towards your own employees and contractors when they have issues with what the organisation is doing, why and with what authority, then you are really going to have issues when it eventually becomes public. In the connected world of today and the future, even more so than in antiquated historic (ie last decade) eras, everything becomes public.

It doesn’t matter if it is Russia trying to distort the US elections 2, the US taking stupid excesses with both their own citizens and apparently just about everyone else, or China breaking into commercial systems for cheap R&D. It always becomes public. These days it just becomes public a lot faster.

 

 

  1. I have found my first flight with affordable onboard net access. A Cathy Pacific A350-900. For me this is a landmark as the useless hours on a plane for work would be a lot more useful if I had net access.
  2. Which they appear to have had motive, means, and probably state sanction to do, and then dumped out via wikileaks. Assange is deluded. And Trump appears to be in denial 3.
  3. Sticking your fingers in the ears, like president-elect Trump appears to be doing over the assistance that the Russians appear to have given him, is just dumb. If he ignores or denies it as he is currently doing, then he will forever have everything he does being questioned as if he is a Russian stooge. His best bet is to push forward on a reasonably transparent, non-partisan and wide ranging enquiry. However I suspect that he confuses the narcissistic personal wants far more than he considers the damage to the body politic and his new role in it.

16 comments on “To protect whistleblowers… ”

  • Comments are now closed

  1. Conal 1
    17 December 2016 at 9:34 pm

    Why do you say ‘Assange is deluded’?

    Is it to do with his insistence that WikiLeaks acquired DNC emails not from Russian sources, but from an American in Washington DC, who claimed to be passing them on from a disaffected Democratic Party insider? If so, what basis do you have for asserting that this is a delusion? You don’t think it’s credible that someone such as the late Seth Rich might have leaked the data? Why not?

    I notice that you don’t go so far as to claim that the Russian government definitely hacked the DNC and passed the information to Wikileaks, only that they “seem” to have done so. But if there’s any doubt in your mind, then your aspersion against Assange should have been at least a bit hedged, if you’re going to appear to be consistent.

    To me, this whole anti-Russia scaremongering from the CIA and their echo chamber just seems undignified and hysterical. What actual evidence is there that Russian hackers supplied Podesta’s email to Wikileaks? And I don’t mean anonymous sources asserting that they know something “with high confidence”.

    So why should we put any credence in the story? It’s not as if the CIA is a paragon of truth-telling. They are a spy and propaganda agency of the US government with vested interests in spinning a particular tale, and a universally-acknowledged history of lying to support US foreign policy agendas. Trump, for all his idiocy, has every right to recall the “weapons of mass destruction” propaganda that paved the way for the invasion of Iraq. The Washington Post, that “newspaper of record”, was also happy to repeat that lie. I’m not saying that Russian agencies did NOT spy on the DNC, but what I AM saying is that the CIA’s unsubstantiated assertions to that effect should carry exactly zero weight (perhaps even less!) with serious observers.

    In any case, even if Russian agencies DID spy on the DNC, that by no means precludes the possibility that DNC emails were also stolen by an insider, and leaked to WikiLeaks, independently of any hackers, as WikiLeaks officials claim.

    Circumstantially, the killing of DNC computer specialist Seth Rich (shot twice in the head, wallet and cell-phone still on his body) is highly suggestive of a political motive. It’s interesting that Assange has offered a reward for information on the killing. Of course the evidence here is just as circumstantial, but it’s telling that the story gets so little play in the establishment media, compared to the politically convenient “meddling Putin” story.

  2. lprent 2
    17 December 2016 at 10:38 pm

    Oh what utter bullshit. You forget that I’m a programmer with more than a little expertise in network systems and the ways to stop people hacking into them. Even a cursory

    The range of sources that have been hacked into during this election season, both democrat and republican, points to a source using a large variety of techniques and a lot of skilled people. It has also been quite targeted and directed towards the political process. It isn’t a US source because that kind of activity would leak in double quick time if it was a private source trying to get enough skills together. It has to be a state player.

    Almost all of the damaging releases were all one way. To try to make Clinton look bad. Whereas the unexplained leaks targeting the republican side appear to have been targeted only at opponents of Trump during the primary.

    In fact the ONLY unexplained damaging leak during the campaign targeted against Trump was the release of details about the way he has not been paying taxes. Published by the Washington Post.

    So you’ have to ask what state player could have those skills available, and why did they do it.

    There is no motivation for any other large state players apart from Russia, North Korea and possibly Iran in trying to affect the US election towards Trump. Every other state player would prefer to have a stable US political system to deal with. But those 3 states have entrenched groups who would prefer that the US had a fool at the helm, each for their own reasons.

    Iran simply doesn’t have the capabilities. North Korea has developed some good groups. But they are too small to have intruded into so many sites. Whereas anyone who has anything to do with the underside of the net knows the extent that we get sophisticated probes at by Russians and Chinese hackers pretty continuously. Which provides a large pool of skills to recruit from.

    The Chinese have no particular motivations in gaining Trump. The Russian certainly do.

    As I said Assange is deluded if he thinks this came from anything apart from a state source, and that state source has to be outside the US. Who gives a pigs arse where the material was handed over? It isn’t hard to fly to a meeting point.

    Only Russia has both the skills base and the motivation. No amount of bullshit and probably paid for propaganda can obscure that to anyone who is technically literate.

    And that is before any actual hard evidence gets released. Sure this is guesswork, but it is educated guesswork. Which is a technique that you appear to lack.

    To me you just look like either a propaganda spinner or a religious nut (ie the ‘faithful’ who substitutes faith for brains). You sure as hell don’t look like you have looked at what evidence is available. Instead you just smear like the a illiterate fuckwit trying to obscure occams razor.

    As a working basis to operate on, it has a very high probability.

    • esoteric pineapples 2.1
      20 December 2016 at 12:43 am

      Thanks for that lprent. I feel confident it was a Russian hack, mostly based on comments from people I have confidence in, but this really helps solidify why.

      I also felt that even if it is unclear whether Russia was behind the hacks, as President-Elect, Trump needed to show some faith in his secret services as these are organs of the government representing and working in the interests of the American state and its inhabitants (even if they have behaved inappropriately in the past or given bad information). By undermining the credibility of his country’s own secret service, Trump was undermining American’s trust in their own government. This weakens the system of government.

      • Conal 2.1.1
        20 December 2016 at 2:44 am

        There were apparently a number of different attacks (including the phishing of John Podesta), and they may well have been by a number of different parties. Media reports I’ve read have identified two distinct “groups” with different code-names depending on which security firm is reporting on them. The groups have been distinguished and correlated with other hacks on a variety of different targets, based on a variety of technical metadata about their methods, working hours, and so on. But this kind of fingering is not an exact science. The tools used in hacking are tradeable items and not an unbreakable signature. The groups have been identified by some with different Russian intelligence agencies, but again, this is by no means a “slam dunk” (to use the old CIA phrase). I think the best that can be said in this respect is that at least some of the attacks probably involved Russian state security agencies.

        But in any case, as I’ve commented elsewhere, the data that WikiLeaks has published may well have had a different source. This means that the assertion that Russia deliberately interfered in US political affairs (not just spying, but actual meddling), and specifically with the intention to support Trump, is less probable again. I certainly would put any more weight on that assertion because one of the US intelligence agencies (especially the CIA!) made it.

      • Conal 2.1.2
        20 December 2016 at 2:54 am

        Why should Trump feel compelled to “show faith” in the secret police? Is it a religious requirement of the presidency? I don’t see why you should conflate the interests of the American state (the CIA?!) with the interests of its inhabitants. I am no fan of Trump, but honestly, anything he does that undermines the CIA I am going to count as a “silver lining”.

  3. Conal 3
    17 December 2016 at 10:57 pm

    Wow lots of abuse there but little in the way of engaging with the points I actually made.

    By the way, I’m well aware you’re a programmer (I’m one myself)

    • lprent 3.1
      18 December 2016 at 1:12 am

      Perhaps you should realise that sticking to the topic of the post rather than a footnote makes it less likely that the author of the post will get cranky at you.

      You didn’t say a word about whistle blowers. Just made some assertions about things that you didn’t link to.

      I would guess that you are a script monkey rather than a programmer. The lack of attention to detail tends to be a characteristic of people who can’take write designed code.

      • Conal 3.1.1
        18 December 2016 at 3:12 am

        Nice trolling! But in fact I’m a skilled programmer with over 30 years of experience, during which time I’ve written code professionally in — off the top of my head — at least 2^4 different programming languages; high level, low level, procedural, object-oriented, functional…

  4. Conal Tuohy 4
    17 December 2016 at 11:22 pm

    You’ve obviously responded to my perfectly polite comment with indecent haste in a haze of hostility that’s quite inappropriate. Why not take a deep breath, read what I actually wrote, and engage in a discussion, by explicitly addressing the points I made, and the questions I asked? And with a modicum of courtesy?

    • lprent 4.1
      18 December 2016 at 12:53 am

      Check one. When challenged with an argument, the idiot troll complains about politeness.

      Check two. Idiot troll wants to discuss their points (even when they haven’t made anything apart from assertions and no links) rather than what was in the post or what was written in response to their comment.

      I read exactly what you wrote, and I still think it is crap. Did you read what I wrote in either the post or the reply? It doesn’t seem like you did. If you had then you’d have referenced at least part of it rather than doing the usual whine about politeness.

      You ignored my post and concentrated instead on some lines in a FOOTNOTE! Is that “polite”? Not really. It is what I expect from an idiot troll with no substantive argument.

      But still I responded. I postulated a viable theory about the types of leaks and who had the capabilities, motivation, and highest probability for doing it. You postulated – well absolutely nothing apart from whining about the CIA.

      Next you will be trying to say that the hacking and selective leaking never existed or postulating ‘that the CIA dun it’ (with multiple explanation marks).

      FFS: I’ve been running this site for close to a decade and I have had decades of experience on the net. Do you really think that I can’t recognise idiotic net tactics born several decades ago?

      These days when I see people using that on my posts, I just tend to abbreviate the conversation to what I think is the probable endpoint and let the fool on the other side prove that they are not. It saves me time.

      BTW: One more check and I boot you off my post.

      • Conal 4.1.1
        18 December 2016 at 3:12 am

        I read your post and actually quite enjoyed it. Perhaps I should have said so to mollify you before quibbling about the detail in the footnote. Instead I made the mistake of thinking you’d be open to a civil discussion of anything in the post.

        That footnote, in which you said Assange was “deluded” was a puzzle to me; it was obviously a throw-away line, but I was curious about what you meant by it, as it seemed to me (if I’d understood what the “delusion” referred to), to be mistaken, and I expanded on the reasons why I thought so.

        In particular, one of the key points I made was to critique the fallacy of the excluded middle, in which Russian hacking is invalidly taken as proof that WikiLeak’s own source could not very well have been someone else; an internal leaker. Yet in your rant you expounded that very fallacy straight back at me, as if my point had gone right over your head.

        In response to my perfectly civil comment, your head exploded and you abused me shamelessly, calling me a fuckwit, a nut, an idiot, a monkey, and an illiterate. Most shockingly you accused me of lacking attention to detail. This in comments marred by a number of grammatical errors.

        Why even leave comments enabled if you can’t rise to the level of a friendly and civil discussion? If a commenter were to behave as you did they’d be blocked instantly. “Boot” me if you will. I’m not going to dignify your boorishness by responding further.

    • lprent 4.2
      18 December 2016 at 1:17 am

      And incidentally I responded to your only argumentative point related to the post.

      Why did I think that Assange was deluded about wikileaks source for the DNC leaks.

  5. saveNZ 5
    18 December 2016 at 8:57 am

    On a different note there, what about in the age of mass surveillance and corporate MSM, leaks seem to be the only way to bring down dishonest polticians…

    “The Internet and alternative media of reputable truth-telling websites are taking over. Leaks are the new political reality. Over time this will be the cure against dishonest politicians.”

    Interesting from Dotcom

    https://www.spinbin.co.nz/kim-dotcom-exclusive-2tb-leaks-to-come/

    • esoteric pineapples 5.1
      20 December 2016 at 12:56 am

      I read that the other day. I thought it was interesting but rather than “truth telling websites taking over”, I think people are quickly becoming exhausted with all the truth telling websites who disagree with each other and won’t be voting at the next election based on whatever scandals have been exposed. I think to win, Labour, with the Greens need to be presenting in simplified terms big solutions to pressing problems like housing. I also feel that Kim Dotcom still thinking Trump might drain the swamp is being very optimistic. Trump has been announcing his nominations for some time now (the post is five days old) and none of his picks make pleasant reading. However, there is no doubt that Kim Dotcom was done over and deserves justice. I just don’t think “exposing the government” is the answer to Labour and the Greens winning the next election.

    • Conal 5.2
      20 December 2016 at 2:20 am

      This is related to Assange’s line, too: that leaks and the threat of leaks are a kind of curb on dishonest politicians, but in Assange’s case he (rather more realistically I believe) says it will only stop incompetent dishonest politicians. It will always remain possible for politicians to conspire against the people, so long as they greatly improve their operational security. Assange has described it as a kind of “tax” on political conspiracy: not a cure, but an additional obstacle.

      In the case of the DNC “hack” (or “phishing” really) that’s been reported in the media, from what I’ve read the DNC’s own IT security practices let them down badly. The reports I’ve read say that Podesta asked their security guy about the phishing email, and was told that it was “legitimate”, and that he should change his password immediately. It probably was a good idea to change his password (I’ve read that his email was “p@ssword” — if that’s true it’s abysmal operational security), but not by clicking on the “change password” link in the phishing email! Which is apparently what he did.

      Incidentally, this provides a simple explanation for how the DNC’s security might have been breached but the RNC’s might not have (there’s some dispute as to whether they were hacked or not); it may have been more about the DNC’s own vulnerability to social engineering. Again, as I stated to lprent, above, the success of a “hack” (of any sort, including “phishing” more broadly) against any party does not detract from the possibility that the data was also leaked by an insider (a whistle-blower). There were certainly many people in the Democratic Party who had a great deal of motivation to leak, based on some kind of resentment over the misdemeanours of Hillary’s faction (such as the dirty tricks against Sanders, for instance).

  6. Steve 6
    18 December 2016 at 11:15 am

    You’ve hit upon a key point – the leaks were only one way so the receiver and distributor of the leaks probably had a political motive and likely sat on information obtained about the other side.

    Exactly like Dirty Politics.

The server will be getting hardware changes this evening starting at 10pm NZDT.
The site will be off line for some hours.