FORT MEADE: The US government should have publicised the existence of a programme that vacuumed up in bulk Americans’ telephone call data before its existence was leaked by former contractor Edward Snowden, the National Security Agency’s deputy director said on Tuesday.
Richard Ledgett, who is retiring next month, said in an interview that disclosing the secret programme would have been difficult. But, he said, doing so might have mitigated the damage done by Snowden.
“That’s one where I might have to say, yes,” Ledgett said in his office at NSA headquarters in Fort Meade, Maryland. “That’s one where maybe it would have been less shocking when Snowden did what he did.”
Ledgett’s comments, which echo the sentiments of some former top US officials, come as the US intelligence community is stepping up efforts to convince Congress to re-authorise other controversial surveillance programmes.
Those programmes allow intelligence agencies to collect vast amounts of digital communications from foreigners living overseas, but incidentally scoops up the communications of an unknown number of Americans.
The programmes, authorised by Section 702 of the Foreign Intelligence Surveillance Act, expire on Dec 31 unless Congress takes action.
Ledgett said that the NSA, whose mission is to intercept adversaries’ communications while protecting sensitive US government networks, had learned from the Snowden experience.
“Were being very open about the [Section 702] programme, and will be,” he said.
Privacy advocates have repeatedly demanded that the government share an estimate of how many Americans are ensnared by programmes authorised under Section 702.
Intelligence officials have declined to do so. But Ledgett, in remarks earlier on Tuesday at a forum sponsored by the Aspen Institute, said “yes” when asked if an estimate would be provided before year end.
Snowden’s revelation of the bulk telephone data programme — which captured information about calls such as the numbers and time stamp, but not their actual content — prompted congressional hearings and court battles.
In 2015, Congress passed a law replacing it with a more limited system while installing new transparency measures over US surveillance activity.
US officials argued that the programme was lawful, and aimed at finding violent militants or other adversaries in communication with allies inside the United States.
In the 50-minute interview at the NSA’s large campus outside Washington, Ledgett expressed concern about the vulnerability of US critical infrastructure to cyber attack by another nation.
“All of the major cyber threat actors that we worry about have efforts in place, have that capability,” he said.
“Can you take out a traffic system? Absolutely. Can you take out comm. systems? Absolutely. Can you take out gas and oil distribution, and energy distribution systems? Absolutely you can. ... We’re more vulnerable than most.”
He also gave a small insight into the secret cyber battles playing out globally, round the clock.
In late 2015, he said, an unclassified US government computer network was penetrated by another nation, and the NSA was called in to help.
In the past, when an adversary realised they had been discovered, they would withdraw. “Like a turtle, touch them and they pull in their shell,” Ledgett said.
“What happened here was, they fought back. So it kind of became a hand-to-hand combat thing,” he said. “We’d remove their malware. They would deploy new malware, even though they knew we were in the system. They were just trying to get around us.”
He declined to name the attacker or the computer system involved.—Reuters
Published in Dawn, March 23rd, 2017