When someone mentions the National Security Agency, what comes to your mind?
Do you see the NSA as an out-of-control, rogue agency determined to spy on everyone, or do you see the NSA as a fierce protector of our national security? Or is it somewhere in between?
I’m currently in San Francisco, attending the annual RSA Conference with 25,000 other participants. The RSA Conference brings together information security experts from around the world. The RSA Conference was started in 1991 as a place where cryptographers could share the latest knowledge and advancements in Internet Security. Today, it continues to attract the best and brightest in the field, although the scope of topics has substantially broadened.
Richard Clarke’s View of the NSA
Richard Clarke, the National Security Advisor under Presidents Bill Clinton and George W. Bush, gave the keynote speech at the Cloud Security Alliance (CSA) Summit, which is part of the larger RSA Conference. Mr. Clarke was recently appointed by President Obama to join a select, five-member review group on U.S. intelligence and technology operations.
What he said about the NSA surveillance controversy was intriguing and worth repeating.
Richard Clarke is famous for both warning President Bush about the imminent 9/11 attack and for saying to the President when his administration was planning to invade Iraq, “But, Mr. President, Al Qaeda did this.”
Mr. Clarke harbors no illusions about the massive security state that has quickly assembled at the wake of 9/11. However, he says that overall, the NSA is filled with good, competent people, and that they provide a crucial service to our country.
The NSA gathers intelligence on countries that have weapons of mass destruction, and they help trap drug kingpins and deter all kinds of terrorist threats. It’s his opinion that the agency simply needs to be under better control, and have clear, defined limits. Senior policy makers must be very specific about what information they need, and what they don’t want.
My Own View of the NSA
I don’t believe that the NSA is a rogue agency. After 9/11, the agency simply responded to what they were asked to do by the public and our politicians. They were told to prevent another attack (a nearly impossible task), and since these instructions came with very few limits, they interpreted these as broadly as they could in order to do their job as effectively as possible.
There is nothing unique about what the NSA did. Every major country has a department like them. The NSA just has many more resources at its disposal. Sometimes, like any bureaucracy, they did stupid things, like bug foreign leaders’ phones. But do you really think other governments don’t do the same thing?
I personally feel that as a country, we overreacted to 9/11, but we needed to do that to prevent another attack and to reassure ourselves that we were safe. I had faith that our strong beliefs in civil liberties would eventually swing the pendulum in the other direction. Our collective reaction to the Edward Snowden revelations seems to indicate that we are currently in the middle of this reevaluation.
The real danger, as I see it, are future large-scale attacks on U.S. soil. While the destruction would undoubtedly be bad, the real and lasting danger is how we would react as a country. It could bring permanent changes to the way our government operates in regards to protecting (or not protecting) our civil liberties.
We live in a democracy, so the NSA has to operate within some semblance of the “consent of the governed.” To me, the bigger issue is the amount of transparency the NSA will have going forward. How much should we know about what the NSA is doing? Because of the Edward Snowden revelations, we will most likely demand to know more about NSA operations.
But keep in mind that no one who was really paying attention what that shocked at any of the NSA’s capabilities and programs. The only real shock was how amazingly effective they were at what they did.
Our security state is here to stay, and it provides a valuable service that protects our country.
What we need to do now is to figure out exactly how much we have to know – or want to know – about what the NSA is doing and how they are doing it.