It is a pleasure to speak to a group of intelligence community lawyers under benign circumstances. The last time I had such an audience, eleven years ago, I was “scaring the hell out of” former CIA Acting General Counsel John Rizzo, as he said in his memoirs, because of my efforts to fix some serious factual and legal errors in Office of Legal Counsel opinions that undergirded important ongoing operations. I was also scaring the hell out of Rizzo’s client, other intelligence community principals and attorneys, White House officials, and the Attorney General. And, frankly, I was scaring the hell out of myself. It was an unprecedented and difficult situation, and I’m glad it’s eleven years in my rear view mirror. I’m also pleased that you and your colleagues have thoroughly rejected or overcome most of the pathologies that characterized my period in government.
My topic today is about the one pathology that I think you have not rectified: the balance between secrecy and transparency in your work. I will quickly review the reasons why so much highly classified information, including legal work, ends up in the public these days, and why such disclosures are likely to persist and grow. I then hope to provoke you by suggesting that the government rather than the media is almost entirely responsible for the publication of these leaks. Then I will offer thoughts on how you should deal with the forced transparency that will characterize your work for the foreseeable future.
An amazing number of very highly classified programs have been revealed to the public in the last eleven years. These revelations included a lot of Executive branch legal work related to these programs—by my rough count, at least several hundred documents. The vast majority of these disclosures involved insider leaks to the press followed by shamefaced government production in reaction to leaks. The disclosures of classified legal materials are now so commonplace that we forget that they rarely occurred before 2004.
The reasons for the rise in leaks that underlie these disclosures is well known. The number of secrets and size of the secrecy bureaucracy has ballooned. As former CIA Director Richard Helms said, “the probability of leaks escalates exponentially each time a classified document is exposed to another person.”
Digitalization has also made leaking much easier. The placement of the nation’s most important secrets in bits on computer systems makes them easy to copy, store, encrypt, and transfer in bulk. The same technology empowers individuals around the globe to receive leaks and to watch and analyze intelligence community actions in a coordinated fashion, and to organize and publish that information.
And then there is the problem that the norms that once restrained the press from publishing classified secrets have weakened significantly. In part this is because the nature of “the press” has changed. Today the national security media includes not just the Washington Post and New York Times, but also The Guardian, The Intercept, Gawker, Cryptocomb, and hundreds of other sites around the globe. These non-traditional publishers deploy the digital tools I just described. They don’t take the national security concerns of the U.S. government nearly as seriously as the Times and the Post, and some of them thrive on thumbing their noses at these concerns. Competition from these non-traditional sources has led media outlets like the Times to publish things they once wouldn’t, for fear of being scooped.
The government complains bitterly when the traditional press and their less traditional heirs publish classified secrets. But from where I sit, these criticisms almost always seem misplaced because the government is almost entirely responsible for these publications.
First, they are your secrets – you created them, and you created the security system that allows them to leak so readily. As Justice Stewart said in the Pentagon Papers case: “The responsibility must be where the power is. If the Constitution gives the Executive a large degree of unshared power in the conduct of foreign affairs and the maintenance of our national defense, then under the Constitution the Executive must have the largely unshared duty to determine and preserve the degree of internal security necessary to exercise that power successfully.” It still astounds me that Edward Snowden worked for and stole those secrets from the Agency charged with information assurance for the government.
Second, many of the leaks of the last dozen years sparked reforms after revealing that the government was doing things the American people disapproved of in some way. This happened with the CIA’s detention and interrogation program, and is happening to a degree with domestic bulk collection. Even when programs like targeted killing are not significantly modified as a result of leaks, the leaks have induced procedural reform and greater transparency. Journalists see these beneficial effects and feel justified in thinking that their publications make fundamental contributions to American democracy, and that publication of more secrets would have a similar impact.
Third, the government has sent strong signals that it approves of the press publishing these secrets. Yes, the Justice Department has ramped up attempted prosecutions of leakers, though the ratio of leak prosecutions to leaks of highly classified programs is not obviously a lot higher after 9/11 than before.
At the same time, the government has backed away from accountability for journalists who publish classified information. Congress has never enacted a coherent law that criminalizes publication of national security information, and it purposefully included a media loophole in the Intelligence Identities Protection Act. Moreover, both the Bush and Obama administrations declined to prosecute journalists for defying the one criminal prohibition on publishing secrets that might pass First Amendment muster, namely, the ban on publishing classified information related to communications intelligence in 18 USC 798. Journalists defy this law on a regular basis.
The government has also made clear that it will very rarely if ever pursue journalists for their sources in leak investigations. During a period of unprecedented leaks, Attorney General Holder twice modified DOJ guidelines to further narrow the circumstances in which prosecutors can subpoena journalists. He also refused to exercise the government’s clear legal right to require James Risen of the New York Times to testify in the leak prosecution of Jeffrey Sterling. The press interprets these moves as vindication of Risen’s tough stance.
President Obama has sent a similar message. Even while he condemned the damage that Snowden caused to national security he emphasized that Snowden sparked “an important conversation we needed to have.” The President also said that journalists would not go to jail “for doing their job,” and added that “we have to constantly balance the need for certain national security issues to remain secret with journalists pursuing leads wherever they can.” Journalists rightly view these statements as support for their disclosure of classified information.
Finally, journalists find support for reporting classified information in the regular practice of national security officials leaking such information in order to explain an operation to the public, to show it in a favorable light, or to achieve some other self-serving end. I see examples of self-serving leaks of classified information every week in the newspapers and books I read. This practice makes the media inured to the leaks and disrespectful of security classifications when deciding whether to publish information that senior officials actually want to keep secret, like the names of the undercover officers.
I think it is important that you understand that the post-9/11 precedents and norms that govern the publication of national security secrets reflect a deep societal belief that press reporting of secret executive branch action serves a vital function in American democracy, especially in an indefinitely long and secretive war, even though such publications sometimes harm national security. It is no accident that the constitutional democracy with the largest and most powerful intelligence organization in the world is also the nation that gives the media by far the freest reins to discover and publish classified secrets about that organization. The two go hand in hand—the independent press helps legitimate what you do. Congress and the President have room under the First Amendment to tighten the legal reins on the press in this context. But in an era of unprecedented leaks, they have been loosening the legal reins, not tightening them. And there has been no public outcry at this loosening.
For all of these reasons, it seems likely that classified intelligence activities and related legal work related will continue to flow out to the public. The question I now turn to is: How should you think about and react to the government’s growing inability to keep secrets? I know the intelligence community is thinking hard about aspects of these problems—how to better secure secrets, the challenges of false identities in an age of Google, biometrics, and GPS, the impact on liaison relationships of growing leaks, and more generally the problem of domestic public legitimacy post-Snowden. A similar rethinking should be going on in the IC legal community if it is not already. Acknowledging fully my outsider perspective, I offer six principles that I think should guide this rethinking—some of which apply to the Executive branch generally and some of which are lawyer-specific.
First, fully absorb and adhere to the Front Page Rule. That rule counsels that the U.S. government should not engage in secret, covert, or clandestine activity unless it believes, in the words of the President’s Review Group, that it can “persuade the American people of the necessity and wisdom of such activities were they to learn of them as the result of a leak or other disclosure.” The theoretical justification for this rule is that the intelligence community acts on behalf of the American people and cannot act legitimately in a way that it thinks the American people would not support if disclosed. One pragmatic justification for the rule is that thinking about how your work will survive front-page coverage will induce you to avoid unsound, incautious, or unnecessary legal claims. A second pragmatic justification is that intelligence actions and related legal analysis that the American people do not support will, if disclosed, invite congressional and public mistrust, legal and political backlash, new restrictions, and other costs.
I know that national security officials consider the likelihood and consequences of public disclosure when crafting intelligence decisions. But very often, officials discount the likelihood of disclosure to almost zero. When this expectation is valid, the government faces few domestic political constraints on its intelligence activities, and it can focus on the merits of a proposed intelligence action restrained by little more than budgets, law, and technology. But when the likelihood of leaks goes up, new costs enter the equation. In the post-Snowden world, for example, the government must balance the security benefits of NSA collection programs against vociferous privacy and legitimacy concerns at home and potential diplomatic and economic fallout abroad. The Front Page rule counsels that in a world of greater transparency, intelligence officials, including lawyers helping them assess risk, should take these potential costs of publicity more fully into account ex ante when devising and scrutinizing new operations.
The second principle is to stop jeopardizing vital credibility through exaggerated claims about the national security harms of disclosure. In a world in which there are no effective legal barriers to the publication of national security secrets, the only tool you have to prevent publication by the mainstream press is a credible claim of national security harm from disclosure. This tactic has worked in the past more than the public realizes. The Times and the Post often hold secrets because they believe the harm of publication outweighs the benefits. And they often seek information from your clients about what those harms might be.
I have interviewed four Executive editors of the Times and Post in the last five years, and they all four said the same thing: The government has so often exaggerated threatened harm from publication that the editors now discount claims of harm very significantly. You might think these claims are self-serving, and perhaps they are. But senior intelligence officials and senior intelligence lawyers have made the same point to me. Your credibility about national security harm is a limited and diminishing resource and must be spent carefully.
The same point applies to claims of national security harm in FOIA and related litigation. Last Fall Judge Kessler issued an extraordinary Order requiring the government to disclose classified information after rejecting its claims of harm, most of which struck me (and, I think, Judge Kessler), as vague, unconvincing, and pretextual. And for years the government’s extreme claims about the harms of disclosure have been followed by subsequent disclosure and no obvious harm. To take one of many examples, the disclosures related to Anwar al-Awlaki and targeted killing, which the government once claimed would have a devastating impact on national security, occurred without any noticeable impact beyond useful public debate of legal standards. (There may have been an impact that the public cannot see, but it is very hard to understand how the release of redacted legal rationales in this context harms national security.) The al-Awlaki/targeted killing context is one where judges have begun to push back against exaggerated needs for secrecy (most notably, in Judge Garland’s opinion in the FOIA litigation). Several judges have started to signal, in public opinions and in private conversation, that the government has lost credibility about the harms of disclosure because it so often exaggerates the harm. This is a serious medium-term threat to your control over your secrets, I think.
The third and related principle is to rethink, really rethink, the pervasive resistance to public disclosure of any aspect of any intelligence operation, including the legal rationale for such operations. Director Clapper explained the basis for this resistance when he said: “Before the unauthorized [Snowden] disclosures, we were always conservative about discussing specifics of our collection programs, based on the truism that the more adversaries know about what we’re doing, the more they can avoid our surveillance.” Clapper added: “But the disclosures, for better or worse, have lowered the threshold for discussing these matters in public.” Despite this ambiguous statement, and despite many voluntary ODNI disclosures related to the Snowden leaks, the intelligence community and many of its lawyers still appear to embrace an absolute presumption of secrecy when possible, and still see the costs of disclosure about secret operations in all-or-nothing terms.
This attitude might have made sense in a world in which you could keep secrets. But in a world in which secret operations often become public, it doesn’t make sense. It doesn’t make sense because you are damaged much more by leaks and disclosures under pressure from leaks than you are by voluntary self-disclosure prior to leaks. Leaks and disclosure under pressure are reactive and invariably seem defensive and self-impeaching. When you disclose before leaks, by contrast, you can better control what is disclosed and the narrative about what is disclosed. You are also much more likely to get credit and gain legitimacy from self-disclosure, especially compared to disclosure via or in response to a leak.
The main counterargument to this point, and the sentiment that still dominates in your world, is that, as CIA Director Allen Dulles once put it, “what a government, or the press, tells the people it also automatically tells its foes.” This argument has special salience in the surveillance context because any disclosure about collection techniques heightens the enemy’s communications operational security and causes it to shift to other forms of communication less subject to detection by the government. And I know it has super-special salience when you are on the inside watching the bad guys up close, and are loathe to give them any tactical advantage.
But this argument proves too much as a basis for blanket secrecy. The same argument applies to fingerprint identification and most other investigative or surveillance tool in your toolkit. Secrecy about means and methods is an important value, but is not the only value. Other values include the medium-term legitimacy and support for your programs that I just discussed, and the notion that the governed should know at least the basic outlines of what its government is entitled to do, especially vis a vis its citizens. These and other values must be weighed in the balance.
A related point is that not all voluntary revelations about an intelligence operation are equally harmful. Disclosure that the government has interpreted Section 215 to authorize bulk metadata collection is less damaging to the intelligence-collection mission than disclosure of the fine-grained details about how NSA collects and analyzes that metadata. Similarly, you can disclose large elements of the legal rationale and processes supporting targeted killing without exposing intelligence or the diplomatic deals associated with the program.
I know that partial voluntary disclosures often lead to larger involuntary disclosures through subsequent unauthorized leaks, FOIA, and the like. But that risk must be balanced by the risk that the absence of any disclosure might undermine the legitimacy of the entire program if it leaks. Early openness about what the NSA was doing inside the United States might have diminished the effectiveness of the collection programs at a tactical level, but also would have given the government a better chance of securing longer-term strategic legitimacy for the programs.
I am not denying that secrecy is vital to intelligence operations or to your legal work in support of those operations, even in operations in the domestic sphere. In the past at this Conference you heard from a CIA official who discussed the long-term operation to discover and take down the network of Russian sleeper agents living in the United States under non-official cover, and the vital need for secrecy in that operation. This shows clearly that the optimal mix of secrecy and openness is context-dependent even for domestic operations. My point is simply that the still-pervasive inclination toward absolute secrecy sometimes makes no sense and is often self-defeating.
The fourth principle is that confident assessments of legality in secret are no guarantee of public acceptance or legitimacy. I am a big believer in the legitimating effects of executive branch lawyering combined with congressional and (when appropriate) judicial scrutiny of the legality of your secret programs. Such scrutiny has been important in producing first-rate assessments of your programs and in legitimating those programs when they leak to the public. This point might seem contestable in light of the sometimes-harsh criticisms your legal work receives once made public. But imagine the impact of the Snowden disclosures without knowledge and buy-in from most intelligence committee members, as well as agreement and occasional pushback from the FISA Court. It would have been much, much worse for you. Despite the Snowden-induced, unprecedented-in-kind scrutiny of classified legal work, and despite a lot of mostly misplaced complaints about the inadequacy of congressional and judicial oversight, no significant reforms of the basic accountability system for legal decisionmaking in secret are on the table. Only tweaks are on the table.
That said, government lawyers tend to have too much confidence in the adequacy or persuasiveness of legal conclusions made in secret. Time and time again in the last dozen years these decisions have seemed less persuasive to a public audience than they are to the secret audience. Some of the critical reaction in public is opportunistic. But some of the reaction is based on the fact that legal judgments in secret are invariably different than legal judgments in public. Decisions made in secret involve an implicitly different cost-benefit tradeoff about how much legal risk to assume. It is easier for a lawyer or a FISC judge to support the legality of Executive action when the supporting opinion is not exposed to public scrutiny. Also, secret legal decisionmaking is invariably less adversarial than public legal decisionmaking, and thus is less exposed to counterarguments and unconsidered facts that can reveal weaknesses in argumentation. These factors counsel against the belief that legal judgments made in private will stand up, legally or politically, when made public.
Fifth, I urge you to rethink your extreme disinclination to share all significant legal opinions related to classified operations with the intelligence committees. My understanding is that in recent years, NSA and DOJ have overcome this disinclination and regularly report all significant legal opinions and analysis related to domestic surveillance to both the intelligence committees and the judiciary committees. I think this should be the practice more broadly.
I am a committed defender of the Executive branch’s right and duty to interpret law for itself. But when the government acts in secret, and especially when it acts outside of contexts reviewed by the FISA court, the only possible mechanism for oversight and legitimation is the congressional intelligence committees. It is important to show your legal work to the Committees so that they—or, more realistically, their staffs—can understand what you are doing, can probe or push back against your analysis, and can determine whether it is appropriate. Even if you think that the substance of the oversight is poor, disclosures of this sort will, like attention to the Front Page Rule, make your legal work better and better able to withstand disclosure.
The arguments against sharing legal opinions with the committees are similar to the ones against disclosure generally: deliberative process, attorney-client, and/or presidential communications privileges, which in turn reflect the concern that the absence of confidentiality would chill candor in deliberations and trust between attorney and client. I think these concerns are exaggerated as excuses not to reveal legal advice more regularly to the public. But they are super-exaggerated, and less persuasive, when invoked to keep legal analysis from the congressional intelligence committees whose oversight is a primary justification for why you are able to take action in secret contrary to the usual rules of public deliberation in our democracy. Moreover, you run much less litigation risk when you disclose opinions to the committees, as opposed to the public. And the supposed chilling effect of disclosure is, in this context, simply another description for care and prudence induced by oversight.
The sixth and final principle is that you are unlikely to seriously rethink your approach to secrecy and transparency without some kind of institutionalized, inter-agency study of the problem that includes representatives of ODNI and the Justice Department. You tend to approach issues of secrecy versus transparency ad hoc and in the context of litigation. My sense is that in the FOIA context in particular, the Justice Department’s relatively narrow focus on winning the legal or disclosure issue prevails at the expense of the medium-term (but harder-to-measure) risk of losing credibility before the courts. The litigation context in which these issues often arise, combined with the fact that you are enormously busy keeping the country safe, means that you have little to step back and consider systemic costs and benefits of your transparency practices, or organizational reforms.
And yet I think you must find a way to do so, even if everything else I have said thus far is wrong. I realize that many of you will think I have overstated the likelihood of increased unwanted disclosure since so much of what you do remains successfully secret; or that I have understated the costs of disclosure on intelligence practices; or that I have exaggerated the benefits of disclosure on your legitimacy.
Even if I am wrong on all of these points, I do not think I am wrong in saying that you face a very different reality on these issues than fourteen or even two years ago, or in doubting that you have reached the right systemic approach to optimal disclosure of legal analysis. This issue warrants your extended attention and study at least as much as the related studies that your non-lawyer colleagues are conducting in light of other new pressures for transparency in intelligence.
I want to close with a word of appreciation. It has been eleven years since I was in your business, but I think about and appreciate what you do just about every day. I think about you because I teach a lot of national security courses, because I advise dozens of students every year whose professional goal in life is to have a job like yours, and because I watch your work closely and write about it on Lawfare. In thinking about what you do, I am constantly struck by how hard your jobs are—hard because the threat is so hard to discern, hard because the law is so often indeterminate or ill-suited to the task, and hard because you or your offices are often brutalized in public for sound or defensible legal judgments that are inevitably controversial because of the context in which they are made.
In a speech eight years ago, FBI Director Comey talked about the importance of the intelligence lawyer saying “no” to the client when appropriate. Saying “no” in the face of pressures to approve an action, Comey said, “takes moral character,” and “an appreciation of the damage that will flow from an unjustified ‘yes,’” and “an understanding that, in the long run, intelligence under law is the only sustainable intelligence in the country.” I agree with this, and I have made similar points myself.
But there is an important related principle that often goes unstated and that will become more salient as your work becomes ever more transparent. Just as it is sometimes hard but important to say “no” to a client, it is also sometimes hard but no less important to say “yes” when “yes” is the right answer under the law, but the context is politically controversial and the “yes” might invite public criticism and, conceivably, professional harm. I don’t envy you in the difficult task of legal judgment in the face of scary threats, inadequate law, and an unforgiving public. But I am truly grateful for what you do.