 Welcome to Free Thoughts from Libertarianism.org and the Cato Institute. I'm Aaron Powell. And I'm Trevor Burrus. Joining us today is Patrick Eddington. He's a policy analyst in Homeland Security and Civil Liberties at the Cato Institute. Welcome back to Free Thoughts. Thank you very much for having me. So from 1988 to 1996, you were a military imagery analyst at the CIA's National Photographic Interpretation Center. May it rest in peace. What does that all mean? So I was hired in the last big hiring wave of the Cold War for folks they were looking at for doing satellite imagery work and overhead imagery work. And when we talk about this, we're talking about looking at not only satellite imagery, but U2 photography and other forms of photography. And it's no different than the kind of photographic analysis or imagery analysis that has been done since World War I. The technology's changed, obviously, a little bit, but the basics of it in so many ways remain the same. So that means... Well, first of all, were they still using U2s in the 80s? You said U2s, either. We have continued to use the U2, I think, even up through the Iraq War. Fascinating. So this is mostly looking at pictures. I mean, obviously you can't say everything, but probably not of America. So whenever they launch a new electro-optical imaging satellite, which works in the visible spectrum just like you and I are looking at each other right now, okay, they do calibration testing. And some of that will be done over the United States. And they basically have a dispensation to do that. They'll also do calibration testing over other parts of the world as well. But they sometimes like being able to take photographs of the Statue of Liberty. I mean, you can just kind of fill in the blank, the Pentagon, any large building essentially that's really well known or other large man-made features, Hoover Dam, et cetera. So to clarify, I assume you didn't have control over... You analyzed the photographs, but in terms of who gets to say that the satellite is going to go take a picture of X, Y, and Z, was that something that you could do? So, excellent question. The way things were set up in my day, you had this entity called Comarex or the Committee on Imagery Exploitation and Requirements. And it was this big interagency group of Muckety Mucks essentially who kind of delegated down the authority for figuring out target sets, that's what we called them, to basically, in government terms, a GS15-level group of folks who would get together and decide on what you would basically be imaging. Now some of these things were what were known as standing target decks. So this is stuff that would only be reviewed basically on a yearly basis. You knew, for example, that you're going to be taking photographs of Soviet airfields, Soviet shipyards, all the rest of those kinds of things, right? So for kind of emerging issues, you would then have folks, and this included individual analysts like me, who could actually put in for collection both those specific point targets, but also for things like what we call directed search areas. So you would basically, if you're looking, I'll use the first Gulf War as an example. When we were trying to track Saddam Hussein's forces after they had invaded Kuwait in early August of 1990, one of the techniques that we needed to use was this directed search area concept, which means essentially you're taking four geographic points that create a rectangle or a square or whatever, and you're basically asking the bird to go out and kind of shoot that whole area. And that's what you use basically to try to find stuff that you think is out there or try to find stuff that you know has been in one particular location, but you think has moved to another. And in the course of doing this, you'll utilize signals intelligence, and if it's available, human intelligence or even open press sources to help you kind of refine exactly where you point the satellite. This sounds like it actually has interesting ramifications. The question of who gets to direct the resources of the CIA has interesting ramifications for security now particularly in terms of whose hard drive you're going to search or whose calls you're going to tap or whatever and whether or not you're just going to go look at your ex-wife and what she's doing and who's staying at her house and things like that. Yeah, no. I mean, the way that, I mean, Comor X and even individual analysts only had the authority to task foreign targets. So if I were to basically put in a nomination for a particular target that had USGO coordinates, I can guarantee you that I would have got a phone call and somebody would have said, what the hell do you think you're doing? So in that respect, kind of the standing controls there, I think generally worked pretty well. But that's using a satellite though. I mean, that's a big resource. It is. And that was kind of the fun thing about it, quite frankly, is because here I was 25 years old and they were basically giving me the ability to go in and do this kind of stuff. And it was remarkable. You know, I mean, to have that kind of authority to be able to point a multi-hundred million dollar satellite at a point on the earth and tell it to take a picture of it, that's kind of cool. So how did you then as a 25-year-old end up doing this? What was your path into the CIA? Yeah, no, it was really very interesting. I had always wanted to get into military intelligence. And when I went through my ROTC course at Southwest, what was then Southwest Missouri State University, now Missouri State University, you know, when you go through that process, they basically tell you, okay, list your top three, meaning the top three different branches within the army that you wanted to go to. So I listed military intelligence first, I think I listed air defense artillery second, and then armor third. Of course, the army and its infinite wisdom, you know, it puts me in armor. And what was really hysterical about that is they put me through the very last course at Fort Knox that was teaching guys how to operate the M-60A3 main battle tank, which was being replaced that very year by the new M1 Abrams. So they gave me the branch I didn't want, and they trained me on an obsolete tank. So it was just... It was going to be obsolete. That sounds like a good government process by itself. It was perfect. It was so perfect. If I ever find one of those in the street or if like someone's selling one, I could be like, Pat, I need to operate this tank. I could fire it up for you. Okay, okay, good. I could actually do it. That's always going to be a last guy to die for a contracting change. Good point. But what I will say is this, going through that armor officer basic course, it made me a combat arms officer, and it also helped me fundamentally when I became an actual intelligence officer at CIA because it helped me to understand instantly what I was looking at on imagery. So that really gave me a leg up, frankly, on a lot of my competitors as I went through the training process. How did the CIA itself start? America has... I mean, even since the revolution, we've had an intelligence element, essentially, within our government. Usually it's been a military intelligence element. But it wasn't until really the 20th century that you begin to see the creation of essentially a standing intelligence capability for the United States. And that tended to be siloed to begin with. So you had a nascent army intelligence capability, a nascent naval intelligence capability, which really matured a lot during the First World War and in the interwar period. But it wasn't until World War II itself that you began to see an interest, essentially, in something that would be more permanent and kind of be broader in scope. And the guy who's really responsible for it is a fellow by the name of William J. Wild Bill Donovan, who was a World War I army veteran, won every major military accolade that you could think of, including the Medal of Honor. He became a businessman and an attorney. And in that interwar period, spent an awful lot of time traveling, circulating among European political and economic elites, as well as in Asia. And so he began to develop his own worldwide intelligence network. That's really what it boiled down to. So even though he was a Republican and wasn't crazy about Franklin Roosevelt, he and Roosevelt shared an absolute mortal fear about the rise of fascism and what it would ultimately mean. And so he began to develop, Roosevelt began to develop this relationship with Donovan in the late 1930s. And by the summer of 1941, he is basically asking Donovan to kind of stand up this thing that became known as the Committee on Information, or he asked him to become what would be known as the Coordinator of Information. And this would ultimately lead to the creation of this thing that we know as the Office of Strategic Services or OSS. And in modern military parlance, the OSS would really be more like the current United States Special Operations Command or the Joint Special Operations Command. A lot of what the OSS did during World War II wasn't just simply trying to collect information on the Germans and the Japanese and the Italians. It was about actually parachuting people behind the lines to blow stuff up, right? So this is kind of where the covert action aspect of the CIA would ultimately emerge. Like real guns of Navarro. Well, yeah. Yeah, exactly. Exactly what it was. So, you know, you go through World War II and the OSS operates globally. It's probably more successful in the Balkans and in France and other places like that. But they develop a reputation. For some folks, it's a mixed reputation. But then Supreme Commander-in-Chief Dwight Eisenhower thought highly of it, General Patton thought highly of it. So Donovan was able to develop a constituency, essentially, for this concept. And even after Roosevelt's death and his kind of loss of influence, because he was definitely not on the same page with Truman about a lot of this stuff, Donovan essentially kept up this lobbying campaign to create this kind of capability. And Truman's original concept for what we call the CIA today was essentially a think tank in a lot of respects. He wanted an entity that would actually gobble up all the available information overtly and covertly and basically act as an advisor to the president in that respect. But with the rise of this very aggressive Soviet posture in the wake of World War II and all these de facto covert actions that the Soviets themselves were working, by 1947 Truman had really kind of come around to Donovan's way of thinking. And so this is how you get finally in the National Security Act of 1947, the formal creation of the CIA. And throughout pretty much all of its history, literally up until within the last decade or so, it was almost always a four-component organization. First and foremost, what became known as the director of operations, which is the spy element. This is the James Bond type element or Jack Bauer element, whatever term you prefer, the human spies. The director of intelligence, which is actually the think tank aspect of the CIA. The director of administration, which is pretty self-explanatory. They provide the payroll and everything else. And then the director of science and technology, which is where I wound up working within the National Photographic Interpretation Center. And that particular entity, NPIC as we called it, was really unique in so many ways. Most importantly, it was actually a joint organization. So while it was technically administratively controlled by the CIA, it was a true joint entity in that we had Army, Navy, Air Force, and Marine Corps personnel, intelligence analysts integrated into our operation, as well as folks from the Defense Intelligence Agency. And this would become the organization that would give the CIA what I still think is its greatest accomplishment, which is actually locating the missiles in Cuba in 1962 and providing President Kennedy with the information he needed essentially in order to kind of navigate through that crisis. I've asked you this before just personally, but I think our listeners would enjoy the answer. What is the movie that best portrays you think the CIA and what it really does and is like? Yeah. Or book, I guess, but movie will probably be better. Yeah. It's funny because when the Hunt for Red October came out in 1990, a bunch of us from NPIC went to the Premier here in D.C. And we had this block of seats. And since this movie is almost 30 years old, I'm going to assume this is not a spoiler for most people who are listening here. But there is a scene where Alec Baldwin's character, Jack Ryan, the CIA analyst, is basically going on about what he knows about Marco Ramius, the Soviet submarine commander and strategist and so on and so forth. And the Army General President says, you know, how could you possibly know anything about this guy? You're just an analyst. And every one of us from NPIC just roared with laughter. And so you had this group of people in the theater who were just laughing uproariously and everybody else around us is basically beginning to look at us like, who the hell are these people? What are they doing? So we literally outed ourselves, right? I mean, if any Russian, you know, KGB or GRU guy would be in the audience, he would go, oh, those are the CIA people. But in terms of kind of the basic process of assessing information, it's not a bad stand-in in that respect in a lot of ways. And, you know, the kind of the bias and the attitude that that general showed, there's some truth to that. And there's always kind of been some truth to that. And within the agency itself, I think folks who worked in the director of intelligence have always kind of felt like they were the stepchild, right? Because the agency's culture was built on wild Bill Donovan's adventures and the adventures of the OSS in World War II and, you know, all the rest of this stuff. And that whole macho thing is very different than sitting at your desk or at a light table like I was just trying to figure out, you know, what the other side was necessarily up to. And that continues to this day. Well, let me flip Trevor's question then. So we know that your career looked just like a James Bond film. But that's probably not typical. So what are the CIA that we get from Hollywood movies and television? What are the things that people may, the myths that people may believe, or what does Hollywood get most wrong about presenting it? Well, I think there are probably a lot of things that Hollywood gets wrong. I mean, this is an organization, you know, when you look at its history, has a very, very mixed, I mean, really mixed track record, right? I mean, I cited what I felt was the high point analytically for the agency, which is the Cuban Missile Crisis. There were a lot of low points and there have been many low points, right? So the idea that the agency is kind of always on the ball, always gets it right, et cetera, et cetera, I think for a long time in this country, a lot of folks were kind of mesmerized by that. But I think, you know, we've seen some fundamental alterations in people's attitudes and it isn't just, you know, in the post-Watergate era, right, in the church committee era and everything about what the agency had been up to kind of coming out. It hasn't just been that. I mean, it's even more recent history. You know, we go back to the 2002 Iraq National Intelligence Estimate, which is one of the greatest failures really in the agency's history and mainly a moral failure, right? It wasn't so much, I mean, it was an analytical failure, but it was an analytical failure that was driven by a refusal to stand up to George Bush and especially Dick Cheney and say, we're not going to tell you what you want to hear. We're going to tell you what we really think and that was the real failure. And you had a cataclysmic failure of that kind in 1967 when you had a very similar circumstance whereby the Pentagon and its intelligence element at General Westmoreland's behest, he was our commander in Vietnam at the time, was pushing this notion that we were winning the war in Vietnam. And one of my predecessors at CIA, a man who I revere and whose picture is on my desk in this building, Sam Adams, figured out by 1967 that Westmoreland was lying, that we were in fact facing at least twice as many Viet Cong and North Vietnamese forces as he and his intelligence staff were claiming. And Adams and some of his colleagues in the agency went head to head with those folks, but they were betrayed by CIA Director Richard Helms, who decided to go along with these falsified estimates. And then when the Ted Offensive happens in 1968, all of a sudden it's like, wow, Westmoreland blew it, he lied, et cetera. This came out of nowhere. Yeah, exactly. And so that literally precipitated not only Lyndon Johnson's political fall, because he'd basically tied his fate to Westmoreland and the entire campaign in Vietnam. But it really began, I think, the destruction of the agency's reputation in a lot of respect. And then you go from this high, the Cuban Missile Crisis in 1962, where you could make an argument that the CIA really did help to save the world, right? To six years later, the agency essentially going along with a fraudulent intelligence estimate that helps to prolong the war in Vietnam by years and basically leads to tens of thousands more American deaths and hundreds of thousands more wounded. There's definitely over-competence with Aaron's question about what do they get wrong. And as part of this, I think too, the particularly conservatives, I think they generally think the military is more competent than it actually is. And then we just do have this idea of born movies that the intelligence communities know everything and that all these James Bond kind of people. And we also of course had the FBI and the NSA and maybe some dark agency behind everything. I mean, these kind of popular perceptions. The gnomes of Zurich. Who was that? The gnomes of Zurich. The gnomes of Zurich. But actually, what is the difference between the CIA, the FBI, and the NSA for those who don't know? So the interesting thing about these agencies is how much they compete with each other. But in terms of kind of the history and the origins and all the rest of that, the FBI is the oldest created as a result of another domestic spying controversy. You know, one of the very first ones in our country. For the longest time, the Secret Service itself was the element that was most responsible for actually conducting forms of domestic surveillance here in the country. And at the beginning of the 20th century, of course, particularly in the wake of the assassination of President McKinley, the focus was on anarchist, right? And not the kind that we talk about on free thoughts, right? The ones who are left-wing, bomb-froing. Well, sure. I mean, you had, as you know, a couple of different strains of anarchism that developed in Europe in the mid-19th century. But there was ultimately a violent strain of this that develops. And it starts in Europe, and you have this series of bombings and assassinations, particularly against European heads of state, European royalty. And King Umberto I of Italy was the one who was killed literally just a little bit over a year before the assassination attempt against President McKinley. So the Secret Service literally began to keep track of every single anarchist here domestically or abroad. And they actually kept their names and where they could get them their addresses in these written ledger books at Secret Service headquarters in the Department of Treasury. And it's really interesting because in researching all of this, I discovered that I was probably the first researcher in the United States to actually look at those particular records at the National Archives. And it was chilling to see other human beings' names essentially written down in these books and knowing precisely why they were doing it. And you didn't actually have to have committed an act of violence, right, to get your name recorded here. You just had it to be an alleged or actual anarchist, a professed anarchist, if you will. So when President Roosevelt, Theodore Roosevelt takes over after the assassination of McKinley, he begins to very aggressively use the Secret Service for a variety of things. A lot of different federal departments begged essentially to have Secret Service agents to help them expose crimes that were under the purview essentially these departments. So you get, you know, white slave traffic, if you will, the illegal importation of Chinese workers that gets investigated. Land fraud cases within the Department of Interior become a huge, huge area of business for the Secret Service. But then some folks within the Executive Branch, you know, take it even further than that. And in 1907, the Secretary of the Navy asked the Secret Service to basically spy on a midshipman who is believed to be having an affair with the daughter of a very politically connected couple here in Washington. And this leaks. This gets out. And this is what gets into the press. And this is what then begins to motivate Congress to actually try to do something to reign this in. And so they pass legislation in 1908 that restricts the Secret Service to just protecting the president and to just going after counterfeiters. Roosevelt's response through his Attorney General, Charles Bonaparte, who was in fact a relative of Napoleon, is to create what became known as the Bureau of Investigation. So they created what would become known as the FBI in 1935. They created this out of whole cloth using generally appropriated funds with absolutely no congressional authorization. So they get this thing off the ground. And Roosevelt's last year in office is just super contentious with Congress over this issue especially. Once he's gone and Taft takes over, you suddenly see Congress lose interest in really what the Bureau is up to and all the rest of that. And so it's in this period of the Taft and Wilson administrations that you see kind of an exponential growth in the Bureau. And it's beginning to kind of get into some of these other domestic surveillance activities that would then give us the J. Edgar Hoover's and everything else that would kind of follow after that. So that's kind of the FBI's origin. And then of course the National Security Agency is an outgrowth of these different Army and Navy intelligence programs that began basically in the pre-World War I era and then became very large organizations during World War II itself. And the Pearl Harbor Committee, one of the recommendations that they made was that these cryptographic efforts, these code-breaking efforts by the Army and Navy be combined into a single entity. And so this is how we get the National Security Agency. And then of course my former employer is also essentially kind of stood up in the same time period as we discussed earlier. As far as their reach, are there differences? So surveillance, mass surveillance is the big thing right now. Are there differences between the three agencies? Because all three of them come up in the context of surveillance, of who they surveil and how they go about it. The FBI and NSA probably are the two that have the greatest overlap in many respects at this point. And part of this goes back to the change in Rule 41 that went into effect last year that now basically gives the Bureau the ability to go to any magistrate judge, pretty much anywhere in this country, and say we want to get into these computers that are located in X, Y, and Z place that don't even have to be in the same jurisdiction as this judge is now. And they can go up and they can get this data. So the FBI in its own way is kind of getting into the mass surveillance business and has been in the mass surveillance business. But NSA's reach is global. And because of the partnerships that they have with the major telecommunications organizations that we know so much more about now thanks to the heroism of Edward Snowden, it dwarfs what the FBI can kind of do on a day-to-day basis. There's an awful lot of coordination. And this is something else that the WikiLeaks dumps on the so-called Vault 7 and the CIA and its hacking tools kind of helped us to understand it even more depth. A lot of these hacking tools that have been discussed are actually shared amongst FBI, CIA, and NSA, but also with our British cousins at the General Code and Cypher School and Headquarters, or GCHQ as it's known. So when we kind of look at the scope of it, NSA very heavily focused on foreign intelligence, mass collection of data there. CIA also focused heavily on the collection of foreign intelligence, but usually in a much more targeted fashion. And if you kind of look at these so-called Vault 7 leaks, that's what you see. Most of the exploits that we're talking about here tend to be designed to go against individual machines, whereas NSA seeks to actually get to the backbone and does get to the backbone of the Internet, which gives them the ability to just sweep up literally hundreds of millions of communications almost on a daily basis. Does the NSA, I assume, I think that the CIA is the one that actually has spies, like human assets, or does the NSA use human spies in some ways? So you have a little bit of a division here. On the one hand, you have CIA, which runs essentially this agent network on a global basis. The agency... Would you say that they're in every country in America or in the world? Probably. They are in every country that is ultimately of concern to the United States, right? You're going to put more case officers and more assets against the targets that really matter to you, but there are also some targets that are extremely difficult to operate against, and I would put North Korea and Iran at the top of those lists, especially North Korea. The ability to actually physically get people in there, the ability to actually recruit people, I think, is a very daunting prospect, which is why I think a lot of people at CIA are probably extremely pro-Iran nuclear agreement. They would like to see a lot more of these kinds of things. They would like to see American businesses be able to get in there, because it would give them more pathways to actually gather intelligence. The Defense Intelligence Agency also runs its own set of assets and sources. Most of its activity is supposed to be against foreign military targets. You have what are known as the defense attachés who are, of course, assigned to every embassy that we have around the world, but the Defense Human Service operates its own assets as well. And so you get into these issues oftentimes where maybe the agency is trying to run an operation against somebody and DIA is trying to run an operation against somebody and if the coordination is not there, some very, very bad things can happen. So just to, they're both spies and they're both running operations against each other and they're not talking to each other? Yeah. That sounds like either a tragic comedy or a hilarious, you know, Pinkerton detective's kind of story. Spy versus spy. Spy versus spy. So let's talk about those WikiLeaks. What generally happened and I guess will happen, they're not all out yet. And what did you, did you learn anything, what did we learn and did you learn anything that shocked you? I wouldn't say that I learned anything that necessarily shocked me. I think it was more a question of having a lot of existing suspicions confirmed, more than anything else. At the beginning of March of 2017, we had this initial dump of not quite 9,000 documents by WikiLeaks, probably as a result of a disgruntled CIA contractor or ex-CIA contractor providing essentially information on these tools and in some case actual source code for some of these tools to WikiLeaks. What we did learn that I thought was significant is that whereas the agency for most of these existence had these four directorates that I mentioned earlier, you now have a fifth. This directorate of digital innovation or DDI as it's known. And it's underneath this fifth directorate where all of this clandestine hacking activity basically takes place. The fact that the agency has established an entire directorate dedicated to just this for me is the big news. That means that they had to get approval from Congress to do that. They also obviously had to get a lot of money and additional resources from Congress. And as I've noted in some of the stuff that I've published on this, the silence from Congress on this in terms of the implications of it has been kind of deafening. Everything that's been revealed so far is about CIA hacking efforts against commercially available software, firmware, and hardware. In other words, the stuff that you and I and everybody else uses in their homes and in their businesses. And that to me is like the real problem. And I've used this analogy before. I look at this kind of malware. I look at these kinds of tools. Basically it's like the one ring from the Lord of the Rings, right? I mean, you think that, you know what, it's like a super weapon essentially and we know it's evil and we know it can do a lot of damage and we're really, really not going to use it unless it's like the most extreme circumstance and we don't have a choice and then we'll employ it. Once you do have it, you're like, I might put it on my head. That's exactly it, right? And so the other part of it is everybody else wants this too. So when you turn around, you create these tools and then you apparently put them on a single server or a single local area network as the agency apparently did. It's an invitation to hackers. You know, it's like come and get it, right? To hack the CIA. Well, exactly. And a lot of folks in the privacy and civil liberties and technology community have been warning for years about this very kind of scenario and now it's come to pass. So the exploits that came out in the first batch and then was it yesterday that there was a second batch? And the second batch seemed to be a lot about Apple products but Apple announced today or yesterday that these were all old exploits that had been patched long ago. Should we take that as this was dangerous stuff and they may have done things with it but we don't have to worry or is it likely that they have found even more exploits on top of the ones that we've seen the old versions of? So we should bear in mind that whatever this individual or individuals gave to WikiLeaks is simply what the individuals chose to give to WikiLeaks. It does not necessarily contrary to Julian Assange's propaganda. It does not necessarily represent everything that the CIA has. We also know that the material that's been contained in these two dumps so far covers essentially the period from 2013 to roughly 2016. But I don't think it's necessarily inclusive and I think it would be a mistake to necessarily assume that it's all inclusive. You know, I'm an Apple product user. I have been since 2007. My entire household is nothing but Apple stuff. But if Apple has a weakness it is the fact that they do not release their source code for public audit. Right? And so, you know, kind of within the cryptography community that's the gold standard. Open source stuff is the gold standard because it means that you have to subject your stuff to peer review from other cryptographers, which is how you really get a chance to test whether or not this stuff is worth anything. That's why open whisper systems signal messaging app is considered still to this day the gold standard for that kind of activity because there is no evidence thus far that anybody has been able to crack it, including the National Security Agency. You can't necessarily say that about Apple because, you know, their source code is proprietary. You know, they don't put it out there. That's not to say that as a general rule they're not doing, I think, what most people would characterize as a pretty damn good job trying to do this. But as our friend or incur at George Washington University Law School has observed we don't know how to write perfect software. Right? So even the best efforts of folks whether they're working with proprietary stuff like Apple or whether they're doing it with open source stuff just you're going to find gaps and that's why it's an arms race. That's why you always have to kind of keep up with it and that's exactly how the intelligence community looks at it. We've had very strong commercial encryption, commercially available and open source and free encryption for quite a while. I mean, I generated PGP keys back when I was in middle school and high school. So why given that and given that there's ones out there that to our knowledge have not been cracked yet and are fairly easy to use, why is this a problem? Like why do they have access to so much stuff still if we can encrypt it powerfully and easily? So in the case of some of these exploits having to do with iOS, Apple's mobile operating system, the agency apparently at least had one that gave them the ability to get right at the base operating system itself. So when you're able to do that you can install software that allows you to log every keystroke and if you can do that the game is over because then you get every password, anything, anybody types on that they're going to be able to figure out. So even though in this case signal and even WhatsApp from what I understand remain essentially fine when you're able to circumvent the encryption literally by just getting directly at the keyboard that's an issue. And so the war goes on and it's going to be that way until the day comes we can actually develop flawless software and I kind of doubt that's like over the immediate horizon. Do you think though that we will end up some time in the relatively near future where at the very least so yes if they get access to your device itself they can get at your information but where all internet traffic itself and all communications traffic is encrypted end to end. So there are lots of different places along the way that it can be intercepted, right? So if you're able to get on the internet backbone for example if you're able to get into other places before the actual encryption takes place then you're able to defeat it and because there are so many parts to the system of communications, digital communications it means that there are potentially a number of different attack vectors, right? A number of different weak points. One of my favorite things about Glenn Greenwald's book No Place to Hide which is about the whole Snowden episode is the photograph that he put in there of folks from NSA's Tailored Access Operations or TAO office breaking open Cisco router boxes in order to actually put implants in them, right? So when you have the ability to potentially get into a supply chain and put implants like that in it just gets back to this whole issue, the larger issue of reining in the intelligence community and federal law enforcement in terms of what they're engaged in because they're treating the entire internet and the entire global telecommunications infrastructure as an absolutely no holds barred target whereas in the pre-internet age all of this intelligence collection activity was going against other country ciphers and codes because they were passing over dedicated communications circuits, dedicated communications cables and while that's still largely the case for a lot of your most sensitive military and diplomatic traffic it's not exclusively the case and when we talk about the terrorism threat which is really where a lot of this collection is justified or they, let me rephrase that it's how they justify the collection against the internet and the digital infrastructure of the globe they're really attacking all of us at the end of the day and that's what makes it so incredibly disturbing it's just this mentality of my highest duty and if you listen carefully it doesn't matter whether it's a president or an attorney general or a DNI it's always some formulation of my highest duty is to protect the American people which is as libertarians as we know is a lie their highest duty is to protect the bill of rights and to uphold our rights and to uphold the constitution but that's part of the problem that we have today it's the age that we're living in where everyone and especially folks in government and a lot of our friends in the media have gotten into this habit of repeating this nonsense that you can have a completely safe and secure world and still be free the founders understood that the only way that you can be safe and secure is if you have liberty if the government can't do these very things but that's what's been lost and for me that's the greatest challenge I face on a daily basis really is trying to explain to folks especially on Capitol Hill do you understand the mistake that you're making here by buying into this government argument and that's really what they're doing but so government one of its key roles the reason that if we take our social contract we're getting out of the state of nature the reason we institute it in the first place is to protect us otherwise we wouldn't have set it up and so for a lot of people so like say me I for those law enforcement agents listening in am not engaged in any criminal activity nor am I planning a terrorist attack so why should I really be bothered like even if it keeps me it doesn't keep me perfectly safe but maybe it keeps me a little bit safer than I would have otherwise been so why should I be bothered by them listening in on Trevor and me arguing about Batman vs Daredevil Daredevil by the way so the fundamental problem is essentially the precept that they operate under which is this idea that they need to collect it all to use a Keith Alexander phrase or Pokemon phrase I guess yes yes yes and if you're collecting everything it means you don't actually know who the hell it is that you're really supposed to be going after right I mean if we go back to the entire precept of the fourth amendment it's about individualized, particularized suspicion based on a probable cause standard in other words you're supposed to be going after individual human beings and that's what we have here we have a small group of human beings out there I'm thinking specifically Salaf as terrorist organizations who represent a certain level of threat right but in comparison to other threats they kind of shrink to insignificance so for example if you look at the number of people that are actually killed in terrorist incidents in this country on a yearly basis I'm talking post 9-11 now which is definitely a one-off event that was caused by incompetence among FBI, CIA and NSA not actually sharing the information they already had in a post 9-11 environment in a year in and year out basis you're much more likely to be shot and killed by a cop in this country you know then you are a terrorist so to me sure having government is designed to do certain limited things but when folks in government begin to view each and every one of us as a potential suspect first and citizen second which is exactly how our system works right now that's exactly how you get these abuses and it's also why they actually don't get the bad guys I wanted to clarify something you brought up if our listeners are not familiar with this the Cisco routers because you mentioned it briefly that one of it was in Snowden's leaks correct that they for routers being shipped to the retail market in Europe the US government intercepted the boxes opened them up and placed and so it had physical access to the routers and placed something in them so they could constantly so they undermined the company Cisco they undermined and so it shows that even if you locked down the information streams that you're just doing it old-fashioned I think you call it a black bag is what you call it yes a black bag job is what we call those just go and you know put something on their smart television so they can use it because I think one of the leaks was about that your smart TV might be watching you but I think they had needed physical access to the smart TV to get that but then they just say hey you know we're here to do a building inspection right I'm with Comcast I understand how you think that or if they know that you live in an area you intercept shipments to that area you don't even need and that they will do that if they're bought from one area don't think well I guess we can't get to that so they will absolutely go to the you know diddy gritty level to try and access I mean look under the Patriot Act right when you talk about section 215 of the Patriot Act it's all tangible things it's that business records provision so they could under the Patriot Act basically go to Best Buy or whoever and say has so-and-so ordered this router yeah they have okay great number one you can't talk about this this is a gag order number two where's the box and boom that's it that's it right and you know I mean look at there going after somebody who's like a child pornography or something like that and they got genuine probable cause that's one thing but to do what they have been doing which is literally engaging in this kind of fishing expedition surveillance on just an absolutely massive scale there's nothing that's remotely fourth amendment compliant about that and it's also militarily and from an intelligence standpoint completely ineffective like you didn't take pictures you would use when you did photographic analysis you had them take a picture of an area if they would have given you a picture of the whole country in minute detail it would not have made your job easier to find what you were looking for it would have made my job infinitely more difficult and that's the thing about it you know you have to be able to zero in on who the bad guys are and listen this gets back to the fundamental problem with my former employer for decades they have operated out of embassies and consulates right I mean this is not a secret if you go to the CI website and you read about the account of the takeover of the embassy in Tehran there's an account there of how they were operating out of the embassy it's not a secret you know in that respect to talk about it everybody basically understands that they do that that's the drawback right I mean if you're not able to essentially recruit enough folks in a given society and have them essentially be what are known as NOx you know non-official cover type agents and have them be assets and these are like native born folks who can literally like move around in the society without drawing any kind of real suspicion or anything like that if you can't get to that point in a given country with human intelligence collection you have a problem and this continues to be I think a huge problem for the United States throughout the entire Arab and Muslim world and there's you know there's no easy solution to it right I mean because we have spent so much time doing so many bad things and backing so many lousy governments over there that nobody trusts us I mean that's one of the reasons why anti-Americanism is so great well when anti-Americanism is so profound when it's so deep seated how in the world are you going to be able to actually approach people successfully to get them to work for the Central Intelligence Agency as an asset you know for a lengthy period of time very tough So I have a clarifying question about the detail that you mentioned and I'm curious about so you mentioned when you thought the WikiLeaks dumps were from a disgruntled contractor and Snowden was a contractor is there a reason why we see these leaks coming from contractors as opposed to agents or are they the same thing It's an interesting question that has been posed I tend to think that it's more a matter of coincidence at this point than anything else because if you go back and look at a lot of the leaks or espionage cases over the course of the last 30 years the vast majority of them actually involve government employees it has been interesting to see you know kind of back to back here Snowden and then what's basically being billed by most folks in government right now who are at least being quoted on this whether it's on the record or on background as more than likely being a result of some contractors who basically like shared these tools among themselves in an unauthorized fashion and then that's how you wind up you know having all this go down I do find it interesting though that it still happens post Snowden because they initiated all these so called insider threat programs to prevent this very thing from happening and it still happened So we have seen thousands and thousands of leaked documents about the surveillance program and lots and lots of details of how it works lots of details about how the CIA breaks into devices among those countless documents have any of them shown evidence of this working like have there been any leaks of reports that yes the surveillance program had this or got this guy that we wouldn't have otherwise gotten to date and again bearing in mind that we only know essentially what has leaked out or what has otherwise been publicly acknowledged the only post 9-11 program that I think we can even moderately say has had some kind of an impact is the FISA amendments act section 702 program that particular program just to refresh folks when the original illegal warrantless surveillance program was exposed by the New York Times Jim Risen in December 2005 that particular program was known as Stellar Wind and that was the original mass surveillance program that was started literally just two days after the 9-11 attacks Michael Hayden then NSA director is the one who authorized it we know on the basis of both the Snowden leaks and then follow-up reporting and Freedom of Information Act request lawsuit work by the New York Times Charlie Savage that the inspectors general of the intelligence community actually did and audit essentially of this program and when they actually asked the analysts people like me was this actually of any value to you the answer was no now the marketing mucks up the chain the political appointees and all the rest of them the vital tool yada yada yada but the actual worker bees who are the ones who really do the work to try to find the bad guy said not really in the case of section 702 the privacy and civil liberties oversight board before it effectively went defunct towards the end of the Obama administration they did a report on section 702 back in 2014 I believe and they actually said that there was pretty credible evidence that this program had in fact been responsible for helping identify previously unknown terrorist networks et cetera et cetera now none of the rest of us have actually seen the evidence but that was a bipartisan panel three Republicans two Democrats and they were pretty much unanimous you know in their assessment of it so that's the most publicly known and objective assessment essentially that we have you know the other program that Snowden exposed the section 215 telephone metadata mass surveillance program totally ineffective never caught anybody, never saved a single life et cetera and I don't think anybody was really terribly surprised by that the section 702 program was instituted in 2008 essentially to try to take that illegal stellar when warrantless surveillance program and turn it into something legal and at least nominally constitutionally compliant although I think most of us of our persuasion would still argue that that is not the case but in any event what this program does is it allows the NSA to basically collect whatever they want to in the way of foreign intelligence over the communications networks of the world and because of the nature of the communications network you are inevitably going to sweep up US person communications right this is called quote incidental collection and quote and I use air quotes for that because I think it's a little bit of a misnomer but in any event this is probably how General Michael Flynn's communications with Russian officials were actually captured so it wasn't that Obama ordered Flynn and Trump and the rest of them to be subjected to direct wire tapping it is that the normal operation of the 702 program in collecting these kinds of US to overseas communications picked up Flynn probably picked up others and on the basis of the actual foreign targets of the 702 collection in this case the Russian ambassador and probably some others a decision was then made after it had been bumped way up the chain of command to go ahead and initiate other forms of collection my guess is Flynn was probably subjected to full blown FISA surveillance in the wake of this thing there will have been others who were subjected to more full some FISA surveillance after this but the 702 program is the only quasi mass surveillance program that we can actually point to or at least that some folks have pointed to to say this has actually been useful in the fight against soul office terrorists on the Michael Flynn point there has been a lot of discussion in the opening months of the Trump administration about the relationship between the intelligence community and Trump and possible leaks and what they may know just broadly asking because it's hard to ask a specific question about this but as someone who has been a member of that community and knows how it works and probably knows people still there what's your read on what's going on are they are they worried and trying to leak or some of them are is there an internal battle is it a mixture of all three yeah I think there are a lot of things that are probably in play here I don't think there's any doubt that some former Obama administration officials have been really pushing this whole Trump I mean as far as I'm concerned the line they've been pushing is Trump is a de facto controlled agent of Vladimir Putin yeah pretty much it's the Manchurian candidate yeah exactly and to be clear there's zero evidence that a surface so far to validate that zero I don't believe that Donald Trump is a controlled agent of the Russian Federation for one thing I don't think they'd be too stupid they'd be that stupid to try to recruit a guy who is clearly so completely uncontrollable that he would be vastly more trouble than he's worth that's not to say that some folks that have surrounded Mr. Trump or been in his orbit may not have actually been targets of the Russian intelligence services Mr. Manafort may well have been General Flynn may have been in need of comprehensive investigation which is something that I've kind of been on a hobby horse about since at least December of 2016 but I think there are definitely some folks in the intelligence community who are not Trump fans and that's easy to see why he's denigrated their product on the other hand when he said these are the same people that blew it with Iraq that was a factually accurate statement the point that I've made to people is look if folks in the intelligence community can't take some honest criticism that's based on fact then they have no chance of protecting us from the likes of Al Qaeda or ISIS or anybody else if you're going to get into this business you need to have a relative skin and you need to understand that the political headwinds are going to surround you all the time you just have to learn to adjust to that and you have to, if you're going to be a really good intelligence officer you have to be willing to say no you have to be willing in fact, you have to be willing to walk away from your career if necessary in order to maintain your integrity and the problem we've had over and over again in the course of the last several decades is folks have not been willing to walk away right, they've been willing to go along to get along so we'll see how this whole thing plays out it's obviously gotten much more political in the last few days with the all the back and forth between Mr. Nunez and Mr. Schiff and some of Mr. Nunez's very questionable actions but How paranoid are you and how paranoid should we be do you put tape over the camera on your computer? Well, I have software I have software look, I worry a lot more on a day to day basis about the NSA and the FBI than I do my former employer even though I know they monitor what I write and what I publish in the fall of 2015 or the summer of 2015 I got a nice Will CIA agent listen to this do you think? Oh sure they will. Can we say hi to them right now? Hey, how's it going? Tell your friends to listen. Yeah, I can guarantee you they will and leave a review on iTunes You know some of the stuff that I've written for Kato, I've gotten nasty letters from CIA security on and stuff I've had published in CNN and elsewhere usually in connection with the torture investigation because they're not fans of having people be reminded of all of that and I sent them back little notes I normally don't use profanity or vulgarity or anything like that but I will basically remind them that I retain counsel and all the rest of those kinds of things but I think you know each one of us should be concerned about just the proliferation of all of this surveillance and it's not just at the national level right? Our colleague Adam Bates has a terrific paper out about this stingray technology these cell site simulators that are basically loaned out by the FBI and other federal law enforcement to state and locals and they've used those to surveil protesters in Baltimore and all over the country so it's the pervasiveness of this stuff and kind of the interlocking nature of it it's kind of a perverse form of federalism you know a surveillance form of federalism that we should all be opposed to because it's a direct threat to our liberty as I like to tell people it doesn't matter whether you think you don't have anything to hide it only matters what the government charges you with Thanks for listening this episode of Free Thoughts was produced by Admiral and Evan Banks to learn more visit us at www.libertarianism.org