Tag Archives: Vice

Snowden Tried to Tell NSA About Surveillance Concerns, Documents Reveal - VICE 20160606

Snowden Tried to Tell NSA About Surveillance Concerns, Documents Reveal - VICE 20160606

On the morning of May 29, 2014, an overcast Thursday in Washington, DC, the general counsel of the Office of the Director of National Intelligence (ODNI), Robert Litt, wrote an email to high-level officials at the National Security Agency and the White House.

The topic: what to do about Edward Snowden.

Snowden's leaks had first come to light the previous June, when the Guardian's Glenn Greenwald and the Washington Post's Barton Gellman published stories based on highly classified documents provided to them by the former NSA contractor. Now Snowden, who had been demonized by the NSA and the Obama administration for the past year, was publicly claiming something that set off alarm bells at the agency: Before he leaked the documents, Snowden said, he had repeatedly attempted to raise his concerns inside the NSA about its surveillance of US citizens — and the agency had done nothing.

Some on the email thread, such as Rajesh De, the NSA's general counsel, advocated for the public release of a Snowden email from April 2013 in which the former NSA contractor asked questions about the "interpretation of legal authorities" related to the agency's surveillance programs. It was the only evidence the agency found that even came close to verifying Snowden's assertions, and De believed it was weak enough to call Snowden's credibility into question and put the NSA in the clear.

Litt disagreed. "I'm not sure that releasing the email will necessarily prove him a liar," Litt wrote to Caitlin Hayden, then the White House National Security Council spokesperson, along with De and other officials. "It is, I could argue, technically true that [Snowden's] email... 'rais[ed] concerns about the NSA's interpretation of its legal authorities.' As I recall, the email essentially questions a document that Snowden interpreted as claiming that Executive Orders were on a par with statutes. While that is surely not raising the kind of questions that Snowden is trying to suggest he raised, neither does it seem to me that that email is a home run refutation."

Within two hours, however, Litt reversed his position, and later that day, the email was released, accompanied by comment from NSA spokesperson Marci Green Miller: "The email did not raise allegations or concerns about wrongdoing or abuse."

Five days later, another email was sent — this one addressed to NSA director Mike Rogers and copied to 31 other people and one listserv. In it, a senior NSA official apologized to Rogers for not providing him and others with all the details about Snowden's communications with NSA officials regarding his concerns over surveillance.

The NSA, it seemed, had not told the public the whole story about Snowden's contacts with oversight authorities before he became the most celebrated and vilified whistleblower in US history.

Hundreds of internal NSA documents, declassified and released to VICE News in response to our long-running Freedom of Information Act (FOIA) lawsuit, reveal now for the first time that not only was the truth about the "single email" more complex and nuanced than the NSA disclosed to the public, but that Snowden had a face-to-face interaction with one of the people involved in responding to that email. The documents, made up of emails, talking points, and various records — many of them heavily redacted — contain insight into the NSA's interaction with the media, new details about Snowden's work, and an extraordinary behind-the-scenes look at the efforts by the NSA, the White House, and US Senator Dianne Feinstein to discredit Snowden.

The trove of more than 800 pages [pdf at the end of this story], along with several interviews conducted by VICE News, offer unprecedented insight into the NSA during this time of crisis within the agency. And they call into question aspects of the US government's long-running narrative about Snowden's time at the NSA.

* * *

The Obama administration spent the spring of 2014 engaged in highly classified talks centered around three events: Snowden's testimony to European Parliament in March, the release of a 20,000-word April 2014 Vanity Fair story about Snowden, and his first US television interview, with NBC News's Brian Williams, in May.

In all three instances, Snowden insisted that he repeatedly raised concerns while at the NSA, and that his concerns were repeatedly ignored. In his testimony to the European Parliament on March 7, he was asked whether he "exhausted all avenues before taking the decision to go public."

"Yes," he said. "I had reported these clearly problematic programs to more than 10 distinct officials, none of whom took any action to address them. As an employee of a private company rather than a direct employee of the US government"—Snowden had been a contractor with Booz Allen Hamilton when he leaked the documents—"I was not protected by US whistleblower laws, and I would not have been protected from retaliation and legal sanction for revealing classified information about law breaking in accordance with the recommended process."

Four days after Snowden's testimony, the chief of the NSA's counterintelligence investigations division sent an email with the subject line "Snowden Claims" to Richard Ledgett, the deputy director of the NSA and the head of the so-called Media Leaks Task Force established the previous year to investigate Snowden's leaks to journalists. Also copied were Leoinel Kemp Ensor, the NSA's security chief, and other NSA officials.

"As requested we, ADS&CI [the NSA's associate director security & counterintelligence] and FBI, have conducted extensive research into [Snowden's statement to the European Parliament]," the NSA counterintelligence official wrote. "This included a review of all interviews and case material to include all paperwork and interviews collected/conducted with contractors Dell and Booz Allen Hamilton."

In several emails, Snowden, as a systems administrator for Dell in August 2012, provided NSA officials with tech support on FISA templates.

"Our findings are that we have found no evidence in the interviews, email, or chats reviewed that support his claims," the NSA official continued. The official did, however, acknowledge that Snowden had at the very least brought up privacy while at the agency. "Some coworkers reported discussing the Constitution with Snowden, specifically his interpretation of the Constitution as black and white, and others reported discussing general privacy issues as it relates to the Internet."

Because none of the people interviewed by the NSA in the wake of the leaks said that "Snowden mentioned a specific NSA program," and "many" of the people interviewed "affirmed that he never complained about any NSA program," the NSA's counterintelligence chief concluded that these conversations about the Constitution and privacy did not amount to raising concerns about the NSA's spying activities.

That was the basis for the agency's public assertions — including those made by Ledgett during a TED talk later that month — that Snowden never attempted to voice his concerns about the scope of NSA surveillance while at the agency.

* * *

Snowden declined to answer a number of very specific questions for this story. His attorney, Ben Wizner of the ACLU, told VICE News that Snowden is "ambivalent" about discussing the issues raised by the NSA documents because he doesn't trust the NSA's motives for releasing them.

"[Snowden] believes the NSA is still playing games with selective releases, and [he] therefore chooses not to participate in this effort," Wizner said. "He doesn't trust that the intelligence community will operate in good faith."

Due to the review process conducted by the government before releasing requested documents, FOIA releases are "selective" by their very nature. A series of guidelines determines what the government can and can't keep from the public, but ultimately the interpretation of those guidelines can be relatively subjective. It is not a process unique to the NSA.

Related: Here's Every Email the NSA Got After Asking Americans for Tips on How to Protect Privacy

What's remarkable about this FOIA release, however, is that the NSA admitted it removed the metadata in emails related to its discussions about Snowden. In a letter disclosed to VICE News Friday morning following inquiries we made about discrepancies in some of the emails turned over to us, Justice Department attorney Brigham Bowen said, "Due to a technical flaw in an operating system, some timestamps in email headers were unavoidably altered. Another artifact from this technical flaw is that the organizational designators for records from that system have been unavoidably altered to show the current organizations for the individuals in the To/From/CC lines of the header for the overall email, instead of the organizational designators correct at the time the email was sent."

* * *

Snowden's email, which would go on to spark so much debate at the highest levels of government, from the NSA to the Department of Justice (DOJ) to Congress to the White House, was inspired by a question on a training test. The NSA portrayed it as an innocuous question that elicited a direct response when it released the email in 2014. But the declassified documents tell a somewhat different story, with multiple people from different departments becoming involved in formulating an answer.

On April 5, 2013 — a year before the Vanity Fair story came out — Snowden clicked the "email us" link on the internal website of the NSA's Office of General Counsel (OGC) and wrote, "I have a question regarding the mandatory USSID 18 training."

United States Signals Intelligence Directive 18 (USSID 18) encompasses rules by which the NSA is supposed to abide in order to protect the privacy of the communications of people in the United States. Snowden was taking this and other training courses in Maryland while working to transition from a Sysadmin to an analyst position. Referring to a slide from the training program that seemed to indicate federal statutes and presidential Executive Orders (EOs) carry equal legal weight, Snowden wrote, "this does not seem correct, as it seems to imply Executive Orders have the same precedence as law. My understanding is that EOs may be superseded by federal statute, but EOs may not override statute."

(Illustration by Todd Detwiler)

About 20 minutes after Snowden sent the email, an OGC office manager forwarded it to the Signals Intelligence Oversight and Compliance training group — the people who had designed the test.

"OGC received the question below regarding USSID 18 training but I believe this should have gone to your org instead," the office manager wrote. "Can you help with this?" The office manager also cc'd Snowden.

But the next working day, April 8, the email and question were sent right back to the OGC. The woman who did this would later explain to NSA investigators, "Although I felt comfortable answering his question, I thought it was more appropriate for OGC to respond since the authority documents include legalities and the individual wanted them ranked in precedence order." So she forwarded the email to two OGC attorneys who "had recently provided the hierarchy of the authorities" in the training program to which Snowden was referring.

Snowden's email was unusual, the lawyer recalled. Indeed, a Security & Counterintelligence official said in an email a year later that officials had spoken to "the lawyer who responded to Snowden's inquiry and she remembered considering calling Snowden since the inquiry was out of the ordinary. However, she decided not to and instead in her email invites him to call her if he wanted further discussion. She does not recall any actual telephonic contact by Snowden."

When one of the lawyers responded to Snowden that Monday, she cc'd five people: three in the Oversight and Compliance Office (referred to at the agency with the letters SV), as well as two other OGC lawyers.

The lawyer who responded to Snowden explained to him in an email, "Executive Orders (E.O.s) have the 'force and effect of law.' That said, you are correct that E.O.s cannot override a statute." Snowden read this email, then put it in a folder in his inbox.

In a recent interview with VICE News, Litt, who in 2014 had expressed misgivings about the email before reversing himself, said: "To the extent Snowden was saying he raised his concerns internally within NSA, no rational person could read this as being anything other than a question about an unclear single page of training."

Less than six weeks after he sent the email, Snowden would be on a plane to Hong Kong with thousands of highly classified government documents. In a report on the subsequent investigation, a special agent pointed out what Snowden had already done by the time he sent his email.

"It should be noted this is four months after contacting Glenn Greenwald (according to Greenwald) and three months after contacting Laura Poitras (according to Poitras and Greenwald)," the special agent wrote. Poitras is the filmmaker Snowden originally contacted along with Greenwald and Gellman. "So this email is not evidence that he tried to raise concerns about NSA procedures through official channels before turning to the media." It is not clear whether Snowden had yet shared any documents with the journalists.

* * *

In April 2014, the month after he testified before the European Parliament, Snowden again challenged the NSA's public narrative about his failure to raise concerns at the agency. In advance of the publication of the Vanity Fair story, the magazine posted apreview online on April 8. "The NSA... not only knows I raised complaints, but that there is evidence that I made my concerns known to the NSA's lawyers, because I did some of it through e-mail," he said. "I directly challenge the NSA to deny that I contacted NSA oversight and compliance bodies directly via e-mail and that I specifically expressed concerns about their suspect interpretation of the law."

Later that day, someone from the Media Leaks Task Force circulated an email with the subject line, "FYSA: Snowden Allegation in Pending Vanity Fair Article." (FYSA is an acronym for "for your situational awareness.") A day later, Rogers, who had been NSA director for only a week, stated that he favored openness and transparency in the agency's response to Snowden.

"Let's be ready to be very public here," Rogers wrote in an email to Ledgett, De, Ethan Bauman (the director of the NSA's Office of Legislative Affairs), Frances Fleisch (the agency's executive director), and other officials whose names were redacted. "If [Snowden's] claims are factually incorrect and we do not have security concerns with the subject matter we should be very forthright in stating his claims are factually incorrect. I want us to do the coordination ASAP [versus] waiting for an article and then spending three weeks debating our way ahead."

This was easier said than done. On the morning of April 10, a day before the full Vanity Fair article was published, someone at the NSA sent an email to Arlene Grimes in the agency's office of public affairs, cc'ing several other officials, to recommend "the best way forward" in light of Rogers' directive.

"One of the key issues in any response will be the degree of certainty we express on the specific issue of outreach by Snowden to express concerns," the NSA official wrote.

Henceforth, the Media Leaks Task Force's main mission would be to take "more proactive actions to undermine future and recurring false narratives" by Snowden, as one NSA official wrote. The task force could use Snowden's email, the official said, to accomplish that goal by "contacting Vanity Fair BEFORE they publish and let them know that we plan to immediately and publicly challenge that assertion AND make clear that we warned Vanity Fair that the facts are wrong."

To go forward with this plan, the NSA needed two things: Absolute certainty that Snowden had not communicated his concerns, and approval from the DOJ to release the email.

The NSA appeared to have neither.

Emails show that the DOJ preferred that Snowden's email not be publicly released. In addition, some in the NSA believed that additional investigations were necessary to ensure Snowden had not raised concerns.

"We need great certainty about whether or not there is/was additional correspondence before we stake the reputation of the Agency on a counter narrative," a person from the task force replied in an email addressed to counterintelligence, the legislative affairs office, and the office of general counsel on April 9. "I am going to trigger an action for the appropriate organizations to do an e-mail search [redacted] to affirm that there is no further correspondence that could substantiate Snowden's claim."

A little before 6:30 the next morning, someone from the task force sent an email to the chief of the NSA's counterintelligence division.

"One last question that woke me up last night, do you know if [redacted] who received the April [2013] e-mail from Snowden was specifically asked if she received any further correspondence?" the person wrote. "I ask only because there probably isn't anyone checking her e-mail queue since she is now retired. I'm just trying to be as sure as possible we've asked the right people and checked the right places for any potential surprises."

The woman in question was the lawyer at the OGC who had addressed Snowden's email and its query about legal hierarchies. (She had indeed retired from the NSA in the interim.) The counterintelligence chief wrote that the woman had not recalled any interaction when she was questioned by the NSA in the wake of Snowden's leaks, but that he would "triple check."

The counterintelligence chief got in touch with the retired lawyer, and about an hour after their conversation, sent another email.

"Spoke with [redacted] at home," the chief wrote. "She said no telephonic contact after the email. Also confirmed that Snowden did not reply to her response which matches what we see in the email. Our review of his email did not turn up any additional emails that match the description in the [Vanity Fair] article. I truly believe we have the right one. I have asked DOJ to call me so we can discuss the release issue [of the email]. I have heard that [redacted] is not happy that I am talking to DOJ, but I am not too concerned with that right now."

"Thanks," the task force official replied. "I'll visit you when they put you in prison for talking to DOJ."

Bauman sent an email on the afternoon of April 10 to David Grannis, then the staff director for the Senate Intelligence Committee, and other congressional staffers alerting them to the pending Vanity Fair article. Bauman also provided them with a redacted copy of the Snowden email.

On April 11, Vanity Fair released its story. That afternoon, Ledgett sent an email to Teresa Shea, the director of signals intelligence — or SIGINT, which is responsible for decoding electronic communications — and a number of officials whose names were redacted. (Later that year, Shea left the NSA after BuzzFeed reported that she and her husband ran a SIGINT "contracting and consulting" business out of their house in what appeared to be a conflict of interest with her official NSA duties.) The email, with the subject line, "Vanity Fair Article With Fugitive – May Cause Additional Work," said "the much anticipated Vanity Fair article with the fugitive is out.... Probably the most concerning issue in the article is the fugitives [sic] assertion that he raised complaints with NSA lawyers and oversight and compliance personnel."

(Illustration by Todd Detwiler)

The scramble in the lead-up to the article's publication to make certain Snowden hadn't logged his concerns within the agency is especially notable in light of one fact: Ledgett had already said unequivocally that Snowden hadn't raised any formal concerns — and he had said it in the article itself, having been interviewed well in advance of its publication. He added that if Snowden made his concerns known to anyone personally, they had not stepped forward to alert the NSA during the agency's subsequent internal investigation.

The article, and Snowden's assertion in it that he had repeatedly made his concerns known in email, was the catalyst for VICE News' initial FOIA request, filed the same day the preview was released. But the assertion did not prompt widespread coverage in the media, which may have given NSA officials the impression that the agency could move on.

"The good news is that this article has not received any bounce and there have been no media queries today," Grimes wrote on the afternoon of April 10.

Grimes spoke six weeks too soon.

* * *

On the morning of May 23, 2014, Matthew Cole, then an investigative reporter with NBC News, sent an email to NSA public affairs. He wished to alert them to NBC's exclusive on-camera interview with Snowden, which would be his first with a US television network. (The interview had first been revealed by the Washington Post a day earlier.)

"As you may have seen, NBC News will be airing a long interview with Edward Snowden," Cole wrote in an email addressed to NSA spokesperson Vanee Vines and ODNI spokesperson Shawn Turner. "Given that he makes plenty of claims in the interview, I have the enviable job of checking the veracity of said claims. Is it possible to discuss by phone at your earliest convenience?"

Vines asked him to put what he needed in writing.

"Let's start with this one, but I will still need to have a follow up phone conversation," Cole responded. "Can the NSA and/or DNI confirm or deny that Mr. Snowden sent emails to the NSA's OGC or any other internal/agency legal compliance body? NBC News is aware that in the past NSA has denied that they can find any such emails."

The same day, Cole submitted a short FOIA request to the NSA, asking for "any and all emails, documents, or any other form of communication" between Snowden and any legal authorities within the agency. Although VICE News and a number of other media outlets had already filed FOIA requests for the same documents, the NSA now began to discuss taking quick action because of the pending broadcast of NBC's interview.

Vines was part of the team that had spent several weeks dealing with identical claims Snowden had made to Vanity Fair a month earlier, so she was well aware of the existence of Snowden's lone email. But she was coy with Cole.

"What do you mean? An email about *what*?" Vines wrote to him before repeating an NSA statement from December 2013 saying that investigations found no evidence that Snowden ever brought up his concerns.

Cole responded by asking for the documents again, "based on more detailed claims in our interview."

Vines immediately forwarded the exchange to De, the NSA's general counsel.

"[With] its story done, NBC is asking us to fact-check. Incredible," Vines wrote. "We'll get more info soon from the producer. In the meantime, there's apparently a fresh claim about email the leaker [Snowden] allegedly sent to OGC or a compliance official."

De, a staunch advocate for releasing Snowden's email, informed Vines that the NSA had already been speaking to the White House about Snowden's claims. He asked Vines to see if she could ferret out additional details from Cole about the interview.

Later that day, Feinstein, the chairwoman of the Senate Intelligence Committee, sent word over to the NSA that she expected a "forceful NSA response" to Snowden's claims.

"You can help temper expectations by making clear [to Feinstein] that we were not aware of this story before it was publicly advertised and until yesterday had not been contacted to respond to any issues," the person wrote. "We have not been and don't expect to be given much if any detail beyond the public 'teaser.' We can only crystal ball so much, especially when the protagonist is not bound by facts or the truth."

Vines sent out a "situational awareness" email alerting NSA officials that NBC News had an "'agreement'/relationship with Mr GlennG [Glenn Greenwald]. It has been working w/him on stories in recent months." A separate email was sent by another NSA official to Fleisch and others at the agency that said Greenwald, Poitras, and Greenwald's husband, David Miranda, "may also be involved in the broadcast." Fleisch then informed Rogers, Ledgett, and Elizabeth Brooks, the agency's chief of staff, about the pending broadcast; intense discussions were held to determine how the agency, and the Obama administration, would respond.

The following morning, De sent someone at NSA an email with the subject line "NBC/email."

"I need very senior confirmation [Kemp/Moultrie) [a reference to the NSA's director of security and Ron Moultrie, then the NSA's deputy SIGINT director] that all possible steps have been taken to ensure there are no other emails from [Snowden] to OGC," De wrote.

Those assurances apparently could not be provided — even though the agency had publicly been saying over the course of a year that no other relevant communications from Snowden existed.

(Illustration by Todd Detwiler)

"Raj, if you are looking for 100% assurance there isn't possibly any correspondence that may have been overlooked I can't give you that," an NSA official, whose name was redacted, wrote in response to De. "If you asked me if I think we've done responsible, reasonable and thoughtful searches I would say 'yes' and would put my name behind sharing the e-mail as 'the only thing we've found that has any relationship to [Snowden's] allegation. Give [sic] Snowden's track record for truth telling we should be prepared that he could produce falsified e-mails and claim he sent them. The burden then falls to us to prove he didn't (you know how that will end)."

That morning, Hayden, the National Security Council spokesperson, sent an email to Vines, Stuart Evans at the DOJ, and Litt at the ODNI, which is entirely redacted. At about the same time, De emailed someone asking, "Why is DOJ weighing in on our obligations under privacy act," an indication that Justice was interfering in the NSA's decision to release Snowden's email.

"I have no idea," the person responded to De.

In the early evening of May 24, Rogers suggested that the NSA finally release Snowden's email, which Rogers mistakenly said Snowden had addressed to the agency's Inspector General (IG).

"I'd love to share the specifics of the only e-mail we have that [Snowden] sent to the IG which asked a very broad question on the hierarchy of law vs the direction in regulation and other publications and which never mentioned privacy concerns once," Rogers wrote.

An NSA official offered up several options for dealing with NBC News, only one of which was left unredacted: "Option 1 – Engage NBC in dialog before their program airs about our factual understanding (a single outreach [from Snowden] noted, barely relevant to his claims."

That's the option Rogers chose.

Vines then sent a note about whether the NSA should release Snowden's "ONE email to NSA OGC (and OGC's response to his very benign question." Included on the correspondence were officials from the NSA, the DOJ, and the White House. Vines noted that a number of news organizations had filed FOIA requests for any emails in which Snowden raised concerns, and if the NSA were to release the single email the agency said it found, it would need to be released "to all."

Several responses by Hayden, De, and Litt followed and continued throughout the weekend; Hayden appeared to have enormous influence over whether the NSA could release the email.

On Tuesday, May 27, a day before NBC aired the first part of its interview, Cole emailed Vines and asked her to respond to seven very specific questions about Snowden and his work, though none touched on whether Snowden raised concerns at the agency.

Vines forwarded the email to officials but didn't respond to Cole's queries.

It appears that during the weeklong exchange between officials at the NSA, DOJ, ODNI, and White House, someone went above Cole's head and reached out to executives at NBC. In an email Vines sent to Hayden on May 28, she said that Cole once again contacted her seeking a response to his inquiries.

The NSA's release of a 2013 email to employees marks the first official confirmation that Snowden had also worked with the CIA.

"Matthew Cole, the 'investigative producer', assigned to NBC's project, again asked... about the e-mail today," Vines wrote. "I'm guessing that execs above him have not filled him in."

Hayden's reply was redacted, but it appears that NBC was informed about the email, possibly by Hayden. In another email on May 28 to Vines, De, and other senior White House and DOJ officials, Hayden said NBC contacted her and asked "whether our search was just of e-mails to OGC or also to the Compliance Office. Can folks confirm?"

"EVERYTHING email and registry wise was checked," someone whose name was redacted responded.

That evening, NBC News aired the first part of its interview with Snowden, which included his claims that he raised concerns and complaints about NSA surveillance programs before he made off in May 2013 with thousands of classified documents.

"We should release the Snowden email ASAP," De wrote in an email late that evening to Ledgett and another person whose name was redacted.

Unlike the Vanity Fair story, the NBC News report generated widespread media interest. Just before midnight on May 28, Vines sent a "situational awareness" email to Hayden, De, and others.

"Reuters is now pounding the pavement over the email issue," she wrote. "[Brian] Williams clearly said multiple sources confirmed at least 1 email" that Snowden had sent raising his concerns.

Vines had been hoping the NSA could immediately respond to the claims by releasing the email, thereby undercutting Snowden. Hayden, however, said the administration would not be able to resolve that question "tonight." Hayden added that she saw "relatively little Twitter discussion on the interview."

By the following morning, the NSA was hastily arranging to have the email released. The agency prepared a rough Q&A for officials there and at the White House and DOJ focusing on questions to which they would have to be prepared to respond, such as: "What is the training and awareness provided to gov't and contractor employees about reporting activities they perceive to be inconsistent with law or ethics?... Did we receive correspondence from Edward Snowden about his concerns?... How was our search for any correspondence from him conducted?... Is it possible there is correspondence we overlooked, didn't record?"

Also on the morning of May 29, Litt, in an email sent to high-level officials at the NSA, White House, and DOJ, shared a communication he received from Grannis, the staff director for Feinstein at the Intelligence Committee, about Snowden's email:

FYI received the attached from David Grannis, which I believe may reflect conversations he had with others as well.

Is there any reason not to make public the one email that NSA/FBI have located between Snowden and NSA people involving a legal question? That email is certainly not what Snowden described in the interview.... The only reason that I can see not to release the email exchange is if people are concerned that there are other emails out there, so I suppose that is a question of how confident are people in their ability to search old records. That shouldn't be too difficult.

(By the way, Sen. Feinstein spoke last week to [White House Chief of Staff] Denis McDonough and [Obama's counterterrorism adviser] Lisa Monaco about this very thing, having been tipped off it would be part of the interview. I followed up with NSA OLA [Office of Legislative Affairs] to make sure there was a response in place. I haven't seen anything yet.)

De appeared to be exasperated.

"OK. I seem to be the only one who thinks we should do something, so I will back off if everyone disagrees," he replied.

"Raj: This is still an active discussion," Hayden responded.

De, who has since left NSA, did not respond to requests for comment.

About three hours before Snowden's email was publicly released — and while Hayden, De, Litt, and the NSA's public affairs team continued to debate the merits of the release — a special agent assigned to the NSA's counterintelligence division sent an email to other counterintelligence officials about additional Snowden emails found within divisions at the NSA Snowden said he had contacted with his concerns.

There were about 30 emails discovered from the security office that Snowden either sent or received. The special agent said many of them were "blast emails" from a redacted source to an email list to which Snowden belonged. There was an email thread asking Snowden to call and discuss an issue he was having with his access card. And there was a thread in which Snowden wrote that his girlfriend had been invited to apole dancing competition in China; presumably, he queried security officials about whether they could attend.

They were "counseled against... going," according to the special agent.

A special agent assigned to NSA counterintelligence provides a breakdown of emails the NSA said it found from offices Snowden said he contacted.

The special agent said there weren't any emails that Snowden sent or received from the Office of Inspector General. But there were seven emails discovered in the OGC, five of which were "regarding the ability to open certain documents."

"Strictly a technical trouble shooting email thread," the special agent wrote.

The confidence that the NSA would soon display publicly that it discovered only one email was not reflective of what was taking place behind the scenes. De was still looking for assurances that it was the only communication from Snowden — but no one could confidently say there weren't other emails that had been overlooked.

"I would encourage you to work with your staff to give yourself confidence that requests of your folks to check for records are/were sufficiently robust to underpin your personal level of confidence," someone at the NSA said in an email to De hours before Snowden's email was released. "l am not in any way suggesting that people did not take the requests seriously — they did, but they did so under time pressure."

Rogers was informed via email by someone at the NSA whose name was redacted that the plan, which was based on "dialog with the White House," called for White House press secretary Jay Carney to read a prepared statement and indicate that the one email Snowden wrote, "the same benign email that you and I discussed," would be released later in the day.

Carney was scheduled to give his daily press briefing at 12:30pm and would read a statement the NSA sent over characterizing Snowden's email. He would also be prepared to answer questions, if any were asked, about how the NSA planned to respond to Cole's FOIA request.

Vines said she intended to contact Cole and other journalists and would provide them with the email and the NSA's statement. Yet even as Carney's briefing was taking place, NSA officials were still trying to locate additional correspondence.

In the two years since the email was released, the NSA has not walked back its insistence that Snowden failed to raise concerns internally.

* * *

The NSA, of course, had not waited for Snowden's public comments in the spring of 2014 to start looking at his emails and investigating him. They started shortly after he leaked the documents in 2013.

On June 10, 2013, one day after Snowden revealed that he was the source of the leak in a video interview posted on the Guardian's website, the NSA sent an email out to its workforce seeking information from employees who'd had contact with Snowden. The email identified Snowden as a "current NSA contractor and former CIA affiliate"; the NSA's release of this email to VICE News marks the first official confirmation that Snowden had also worked with the CIA.

The email the NSA sent to its workforce the day after Snowden revealed himself. In it, the NSA identifies Snowden as a former CIA affiliate.

In a declaration filed last year in US District Court in response to our FOIA lawsuit, the NSA's director of Policy and Records, David Sherman, said that after Snowden leaked details about NSA surveillance programs, the agency collected and searched each and every email Snowden sent.

During a hearing in the case, Justice Department attorney Steve Bressler told US District Court Judge Ketanji Brown Jackson that "there were many searches very carefully conducted by human beings. These were manual 'eyeball on every email' searches conducted by people."

"My staff searched for any records expressing concern about NSA programs by reviewing each individual email in context to see if it was responsive," Sherman said.

The NSA defined a "concern" as a "worried feeling or state of anxiety about NSA programs rather than bringing up for discussion or consideration a matter of interest or importance." How the NSA applied that narrow definition of "raising concerns" to the emails they reviewed isn't clear.

* * *

Though the NSA publicly expressed confidence it would have found among all of Snowden's emails ones that more directly involved his concerns with domestic spying, it appears the agency did not obtain all of Snowden's emails. On April 10, 2014, a member of the media leaks task force asked the chief of the Counterintelligence Division whether "we had a clean capture of all of his work e-mail related to high-side [classified] email — to include any engagement with his Booz chain?"

The response notes that "we have his [Top Secret] NSANet email and his UNCLASSIFIED NSA.gov email," but is followed by several redactions, one quite long.

In June, the chief of staff of the Associate Directorate for Security and Counter Intelligence corrected a document for accuracy to clarify they had "reviewed all of the email and NSANet social media posts authored by Edward Snowden which we have been able to obtain," seemingly suggesting they were not confident they had obtained them all. Yet several other emails suggest NSA officials were confident they had gotten everything from Snowden's "final acts in government."

The same chief of staff also admitted, "it remains possible that unrecorded verbal communication existed between Snowden and one of the offices he cites, but we have not located any individual who remembers any such hypothetical conversations."

As it would turn out, more communications were located. But a person or people at the agency withheld these details, which contained important context about Snowden's correspondence, from the media — and initially even from Rogers.

* * *

About an hour after the email was released, and a few hours after Carney said only one piece of correspondence from Snowden had been located, a member of the Media Leaks Task Force sent an email to a dozen people and offices at the NSA saying the Office of Director of Compliance "reminded us of some other 'interactions' with Snowden that may need to be considered."

"[Redacted] dug this one out of the SSCT files for us.... It displays 2-3 additional contacts with the SV [Oversight and Compliance] contingent that we need to consider... but they do not appear to have any 'alarm' or 'concern' for illegal pr [program] questionable activities on the part NSA," the email said.

The emails found included the one that had been released, a "personal exchange" with an Oversight and Compliance official Snowden had when he "appeared at her desk with concerns about 'trick questions' in the test he was taking being the reason why he failed the test." And the technical email exchanges related to a FISA "document template" in August 2012 while he served as a systems administrator with Dell. (FISA, or the Foreign Intelligence Surveillance Act, dictates a legal framework for wiretapping and other surveillance.)

The task force "does not see these as items that show his 'concerns'... but they do show interaction with the Compliance elements [that Snowden said he had and which the NSA denied] for NSA, albeit administrative in nature," the email said.

About 10 minutes later, a special agent from NSA's counterintelligence investigations division replied and said, remarkably, that they were unaware that Snowden had a verbal discussion with compliance.

"The in person contact is news to me, but again, not an actual complaint about the law or authorities (just that we use trick questions in our tests)," the special agent wrote.

An NSA counterintelligence investigations official reveals in an email, nearly one year after Snowden's leaks, that they were unaware Snowden had an in-person discussion about his concerns.

Forty-five minutes later came another reply, this one from the chief of the signals intelligence directorate's strategic communications team, a lieutenant colonel in the US Army, who asked his NSA colleagues to do a bit of soul-searching, and perhaps admit that they should shift their focus away from trying to hold Snowden accountable and instead focus on repairing the NSA's "brand."

"The contentions by the fugitive that he had umbrage with programs are not apparent, in any fashion, in these communications," the lieutenant colonel wrote.

The lieutenant colonel went on to say that the type of test Snowden had been taking when he asked about legal hierarchies was a standard one given to junior analysts or someone new to working signals intelligence at the National Threat Operations Center (NTOC). This, he argued, proved that Snowden was not working in a senior capacity at the NSA.

"Complaints about fairness/trick questions are something that I saw junior analysts in NTOC (and I had about 8 of them on my team in 20 months) would pose — these were all his and positional peers: young enlisted Troops, interns, and new hires," the officer wrote. "Nobody that has taken this test several times, or worked on things [redacted] for more than a couple of years would make such complaints."

Despite the discovery that Snowden had additional contacts with other divisions within the NSA — which the agency did not inform the media about, and which officials did not disclose to Rogers — a decision was made not to make mention of it in a final Q&A document prepared for the White House.

"There are obviously lots of contacts Snowden had with folks in various organizations of NSA while he was in access," wrote the NSA's deputy associate general counsel for administrative law and ethics in an email later on the afternoon of May 29, 2014. "So long as the Q and A remain fashioned about correspondence regarding 'his concerns' — i.e. reporting of violations; questions of lawfulness, etc... then it seems like the planned approach will still be accurate."

Later that day, Rogers sent an email to several officials and the public affairs office stating that the NSA should be proactive and transparent with the public "as long as we don't endanger any follow-on legal action."

"SEN Feinstein adding her thoughts to the public would be of value to the public I believe," Rogers said.

In a statement Feinstein posted to her website that afternoon, she noted that she was the one who had released the email and that the NSA told her committee it found no other "relevant communications from Snowden... in email or any other form," which turned out to be untrue. The email, her statement said, "poses a question about the relative authority of laws and executive orders — it does not register concerns about NSA's intelligence activities, as was suggested by Snowden in an NBC interview this week."

Shortly after the email was released, the Washington Post's Barton Gellman published an interview with Snowden, who responded to the release of the email by saying it was "incomplete."

It "does not include my correspondence with the Signals Intelligence Directorate's Office of Compliance, which believed that a classified executive order could take precedence over an act of Congress, contradicting what was just published. It also did not include concerns about how indefensible collection activities — such as breaking into the back-haul communications of major US internet companies — are sometimes concealed under E.O. 12333 to avoid Congressional reporting requirements and regulations," Snowden said.

Snowden's statement resulted in a barrage of media inquiries to the Office of Public Affairs and dozens of FOIA requests seeking any additional material showing that he raised concerns. However, the NSA refused to entertain any additional questions, instead providing reporters with a copy of their prepared statement and the sole email.

A day after Snowden's email was released, the public affairs office asked the OGC to clear a statement to be sent to the NSA workforce. Grimes, one of the public affairs officials, explained in an email that "several questions" were submitted to the media leaks internal communications website since Snowden's NBC News interview had been broadcast two days earlier. The message to the workforce contained the prepared statement Carney read at the White House briefing along with a statement directed to NSA employees.

"We understand the frustration many must feel," a draft copy of the statement said. "Please understand we are making every effort to ensure that NSA continues to be transparent with the public while protecting sources and methods and the integrity of the investigation."

That evening, a special agent with the NSA's counterintelligence investigations wrote an email to others at counterintelligence, whose names were redacted:

"It's going to need to be crystal clear that we denied having correspondence containing any complaints, not that we denied having any correspondence period."

* * *

There were reasons to doubt the completeness of the NSA's search for Snowden's emails within an hour of the NSA's release of Snowden's one email.

At 1:13pm on the day the email was released, someone in OGC identified a new version of the OGC contact, which appears to have been missed because OGC (like Oversight and Compliance) alerted the counterintelligence people — not the Media Leaks Task Force — about the contact after Snowden came forward. By 3pm, those responding had found two more details they hadn't known before, including that the compliance woman had had a face-to-face interaction with Snowden, and that he had provided help to a compliance person having technical issues.

While the efforts on both the document search and the Q&A document continued, on June 3 it took on new urgency. Elizabeth Brooks, the NSA chief of staff, started doing a "review of the thoroughness of the check for material which may represent outreach by Edward Snowden to officials at NSA along the lines of what he claimed."

Multiple people offered to help, sending email threads from the previous days and weeks. By the end of the day, a senior member of the Media Leaks Task Force apologized to Rogers that he or she hadn't adequately informed him — and the 31 other people receiving the mail — about Snowden's interactions.

"I, as the accountable NSA official for Media Disclosures issues, accept responsibility for the representation that the only engagement we have uncovered is a single web platform e-mail engagement with an attorney in the NSA Office of General Counsel," the person wrote, taking responsibility for leaving NSA leadership "insufficiently informed about this matter," and promising "to correct for that going forward."

The first page of the apology email sent to Rogers and cc'd to more than 30 others.

The email went on to explain what days of searches had discovered were in fact three interactions between Snowden and the Oversight and Compliance Office: the emailed question the training person received and then sent back to OGC; a face-to-face interaction with another training person; and Snowden offering assistance troubleshooting a problem with a document template while working for Dell in 2012.

The email includes a passage that describes the process NSA used to assess whether Snowden had raised concerns.

"Through interviews, research and solicitations for information in support of investigative and other requirements we have accumulated a set of data which represents our best, most authoritative capture of encounters initiated by Edward Snowden which may have some bearing on the investigation, media disclosures or his claims," the apology explained. "We cannot affirm with 100% certainty that this is a complete set of information, that would be impossible to achieve, but it is a body of knowledge upon which we can and have drawn some defendable conclusions."

The apology then reviews Snowden's claims, and concludes, in part, "no examples have been found that rise to the level of his claims." The apology is a remarkable example of accountability, but it still doesn't tell the whole story.

When the NSA first released Snowden's email, it suggested his question was simple and the answer straightforward. This was superficially true; does the NSA have to follow the laws passed by Congress — a set of laws generally called the Foreign Intelligence Surveillance Act — or can a presidential executive order, which for the intelligence community would be Executive Order 12333 (it governs intelligence activities), override that family of laws? OGC told Snowden that NSA has to follow the laws passed by Congress.

But the General Counsel's office and Oversight and Compliance had actually just been collaborating on the subject of Snowden's question as part of a revision to the training course. "Two of the OGC attorneys had recently provided the hierarchy of the authorities during the OVSC1800 [USSID 18] course development meetings," the Oversight and Compliance training woman said a year later while explaining why she sent the question back to OGC to answer. Perhaps for that reason, the two departments engaged in a discussion about who would answer it; six or seven people got involved in the response.

Then there was the in-person contact with Snowden. As the Oversight and Compliance training woman described in an email written a year later, he "appeared at the side of my desk in the Oversight and Compliance training area... shortly after lunch time." Snowden did not introduce himself, but "seemed upset and proceeded to say that he had tried to take" the basic course introducing Section 702 "and that he had failed. He then commented that he felt we had trick questions throughout the course content that made him fail." Once she gave him "canned answers" to his questions, "he seemed to have calmed down" but said "he still thought the questions tricked the students."

That may well have been what the exchange seemed like to the woman, though it is unlikely Snowden, who six weeks later would walk out of the NSA with thumb drives full of NSA secrets, was agonizing over failing an open-book test.

After fixing an obvious error in her description of the exchange she provided a year later, the Oversight and Compliance training woman said it would have happened "during the timeframe between 5-12 April 2013." That means the exchange occurred within a week — and possibly on one of the same days as — the discussions about how to respond to Snowden's emailed question to OGC, a question that was characterized as unusual. The training woman said Snowden did not introduce himself, which means she wouldn't have known he was the same person whose question she had sent back to OGC; nothing in her explanation reveals how she came to understand it was Snowden. But the NSA's records show OGC received complaints from Snowden about at least two different training programs within days, and that he knew they were speaking to each other about his question. In its internal assessment of Snowden's communications with the agency, however, the NSA treats these as two separate incidents.

There's evidence the NSA's training materials and courses at the time had significant errors. A revised Inspector General report on Section 702 of FISA, reissued just days before Snowden returned to Maryland for training on the program in 2013, found that the Standard Operating Procedures (SOPs) posted on the NSA's internal website, purportedly telling analysts how to operate under the FISA Amendments Act passed in 2008, actually referenced a temporary law passed a year earlier, the Protect America Act.

"It is unclear whether some of the guidance is current," the report stated, "because it refers only to the PAA," a law that had expired years before. A key difference between the two laws pertains to whether the NSA can wiretap an American overseas under EO 12333 with approval from the attorney general rather than a judge in a FISA Court. If the SOPs remained on the website when Snowden was training, it would present a clear case in which NSA guidance permitted actions under EO 12333 that were no longer permitted under the law that had been passed in 2008.

Similarly, a key FISA Amendments Act training course (not the one described in the face-to-face exchange, but another one that would become mandatory for analysts) didn't explain "the reasonable belief standard," which refers to how certain an analyst must be that their target was not an American or a foreigner in the US — a key theme of Snowden's disclosures. While some work on both these problems had clearly been completed between the time of the report's initial release and its reissue just days before Snowden showed up in Maryland, both these findings remained open and had been assigned revised target completion dates in the reissued report, suggesting the IG had not yet confirmed they had been fixed.

The issue of whether the presidential Executive Order that the Intelligence Community uses to authorize its overseas activities, EO 12333, can trump the law Congress passed in 1978 to impose limits on spying, has been a simmering issue since DOJ lawyer John Yoo secretly claimed in 2001 that FISA's limits on Executive Branch spying might be an unconstitutional infringement on the president's authority. It has been a public issue since 2006, when the DOJ revealed a theory that the war against al-Qaeda meant the president could override the law passed by Congress, and was a key issue in passage of the FISA Amendments Act in 2008.

It was central to one of Snowden's most inflammatory revelations, documents showing that the NSA was hacking Google overseas, effectively giving itself a way to bypass FISA and access domestically collected data directly. And it was an issue Feinstein and Senator Mark Udall raised in a confirmation hearing months before Feinstein would advocate an assertive response to Snowden's claims in 2014.

* * *

The video of Snowden released by the Guardian on June 9, 2013 may have been what triggered the woman from Oversight and Compliance to recognize that it had been Snowden who approached her at the NSA. The next morning, when she "realized I had contact with him," the first thing she did was try "to pull his training record, but it had already been pulled from the system." She "reported the [face-to-face] contact to my management and considered the issue closed."

If she did so in writing, that document was not released to VICE News. The emails do show that she emailed her supervisors on the other contact she had with Snowden, however; she forwarded the email chains involving the response to Snowden's OGC email, with the first of what may reflect four emails sent at 9:15am.

At 10:02am, the chief of Oversight and Compliance sent Ensor, the NSA's security chief, the third of those email chains, explaining, "Here's another data point on the Snowden situation."

The records turned over to VICE News do not show that the face-to-face exchange with Snowden was written up until April 9, 2014, a year after the exchange, after teasers from the Vanity Fair article revealed Snowden was claiming he "contacted NSA oversight and compliance bodies directly via email and that I specifically expressed concerns about their suspect interpretation of the law."

As noted, the compliance woman's story had to be corrected to match the dates up to when Snowden would have been at Fort Meade. "We received a call from D4 [Office of the Director of Compliance] questioning the dates (11 or 12 Jun) that [redacted] annotated during the discussions on" the Section 702 course, one of the other people in Oversight and Compliance wrote on April 10. She "has modified her dates to reflect 5-12 April 2013."

NSA did not provide a version of the draft of the email with the incorrect date. When the chief of Oversight and Compliance provided a description of all the department's interactions with Snowden to the NSA chief of staff, Elizabeth Brooks, in June 2014, there was no mention of any other paper trail of the exchange, though earlier that same day the deputy chief had stated, generally, that that information had been provided to Ensor on June 10, 2013.

(Illustration by Todd Detwiler)

In the absence of a response from NSA or Snowden, it is impossible to know what to make of this contact, the current version of which appears to have been drafted in response to Snowden's claims. One person who would speak on the record, however, is former NSA official turned whistleblower Thomas Drake. We asked him how the compliance department functioned, though we did not reveal to Drake details of this report. Drake told us, "These are positions that are designed to protect the institution from bad news, even internally. So, you know, 'We'll turn bad news into good news.'"

One thing that is clear, however, is that the apology laying all these details out, written after several days of fact checking at the NSA and document review in June 2014, leaves out at least one key detail — that the OGC email and the face-to-face communication could have happened the same day, making it far more likely they should be treated as parts of the same exchange. More significantly, the apology claims that "in response to the June 2013 Agency All... she provided in writing her account of these engagements." If the timestamps on documents provided to VICE News are correct (something that the NSA has admitted is a problem with this FOIA response), she actually provided her side of at least the OGC contact even before the Agency All email. But there is no record she provided her written account, to either of these exchanges, until a year after the event, a detail — if true — that Rogers should have known.

* * *

Snowden noted in his testimony to European Parliament that there was no safe avenue for contractors like him to raise concerns.

"US whistleblower reform laws were passed as recently as 2012, with the US Whistleblower Protection Enhancement Act, but they specifically chose to exclude intelligence agencies from being covered by the statute," Snowden said. "President Obama also reformed a key executive whistleblower regulation with his 2012 Presidential Policy Directive 19, but it exempted Intelligence Community contractors such as myself. The result was that individuals like me were left with no proper channels."

The NSA's director at the time Snowden left the agency, General Keith Alexander, was apparently unaware whether contractors were covered by whistleblower protection laws. He emailed Ledgett four days after Snowden testified before European Parliament on March 11, 2014.

According to an email he sent, former NSA director Keith Alexander was unaware whether contractors could report whistleblower complaints.

"Rick, I believe there is also a Whistleblower methodology for contractors. Do we have that?" Alexander wrote.

"Sir, it's not the recently enacted Whistleblower Protection Act but there are previous laws that protect contractors. Cc'ing Raj [De, the NSA general counsel], and [redacted] who can provide that info," Ledgett responded.

A person at the NSA whose name was redacted weighed in on another email, telling Alexander:

The Intelligence Community Whistleblower Protection Act of 1998 and Presidential Policy Directive PPD-19 provide a mechanism for both employees and contractors to report alleged wrongdoing. Whistleblowers can report matters of "urgent concern" to the NSA IG [Inspector General, a government organization's internal watchdog] and DoD IG. Whistleblowers, to include contractors, can report matters of "urgent concern" to the intelligence committees after notifying the NSA IG or DoD IG of the intent to do so and obtaining direction from the IG on how to contact the Intelligence Committees. The Whistleblower statute provides an avenue to report concerns related to classified matters without improperly disclosing classified information.

The Q&A document begun just before the release of the email, which started as a rushed attempt to provide more information to the White House — an attempt, De suggested, to "put off" the decision on whether to release Snowden's email — revealed, over the course of many rounds of editing and fact-checking, the limits of what the NSA would claim about its own oversight, Snowden's claimed efforts to raise concerns, and whistleblowing. An early draft aspired to determine "how many cases have been brought to the attention of Agency officials, and how those cases were closed out," but the final document states only that "NSA OIG keeps a record of all inquiries and actions taken."

Early on, it was noted that "technically speaking all reported activity that is found to be a violation of law, directive, or policy requires some corrective action." By the final version, NSA had changed that to read, "Activity that is found to be a violation of law, directive, or policy is thoroughly reviewed to determine corrective action."

By the end of the first day of working on the Q&A, a lawyer had suggested the issues Snowden claimed to care about did not pertain to ethics. "I recommend we drop the word 'ethics' and replace with 'policies' for Question #1. There is no annual 'ethics' training requirement for every employee," the lawyer noted. "In addition, 'ethics' issues are often about use of government resources and the like... not typically violations of the 4th Amendment type concerns."

The changes in the Q&A document also reflect the evolving understanding of Snowden's complaints. On June 3, not long before the apology to Rogers, the security chief of staff changed the characterization of what the email search had found "for purposes of accuracy" to state they had reviewed all of Snowden's emails "which we have been able to obtain."

NSA tried to make the case that Snowden should have known where to voice his concerns thanks to (sometimes mandatory) training that emphasized limits to the NSA's authority, and how to report any violations of those limits. "These specific training courses discuss the limitations of SIGINT authorities and mission operations to include reminders and guidance about who to contact with questions about scope of authorities, and who to contact if there are known or even potential compliance concerns," the Q&A document said.

The Q&A cited a basic training course, "NSA/CSS Intelligence Oversight Training," as the place where most people learn how to report a concern. The document claims, "Most contractors are required to take this course," and asserts Snowden is the kind of person, as a SysAdmin until 2012, and as an analyst trainee in 2013, who would have been required to complete it. But it stops short of asserting that Snowden did so.

The editing process of the Q&A document also indicates that the other means by which Snowden might have learned he could make protected complaints — via the IG himself — were not crystal clear.

The initial drafts of the document overstated the degree to which the NSA's IG invited whistleblowers to report legal violations. It started by claiming, "The NSA OIG [Office of Inspector General] also provides briefings to various NSA training classes, including the new hire orientation class." But on June 3, 2014, the IG's Executive Officer admitted, "Technically we are not quite briefing [that class] yet... still trying to get OIG on schedule."

Similarly, it claimed, "The OIG also issues agency-all messages covering policies and avenues for reporting suspected mismanagement and violations of law, policy, and regulations." But on June 4, the counsel to the Inspector General noted the agency-all messages "aren't as focused as the two [post-Snowden] ones you mention, and we might need to massage the words a little."

As the finished Q&A document makes clear, before Snowden's leaks, the most regular notice on reporting to all NSA employees from the IG pertained only to "waste, fraud, mismanagement of Agency resources, and abuse of authority." After that, in the spring of 2014, the IG sent out a notice stating that NSA/CSS Policy 1-60 "requires that NSA/CSS personnel report to the OIG possible violations of law, rules, or regulations," as well as things like mismanagement. It also cites the Intelligence Community Whistleblower Protection Act (ICWPA).

The Q&A document goes on to describe other reporting mechanisms, and includes one — the Privacy and Civil Liberties Office — that was created in August 2013 as a response to the Snowden leaks.

Thus, while the Q&A document does provide a map of ways in which legal issues might be raised, it's also a map of resources put in place in response to Snowden, an indication that the resources available to Snowden may have been inadequate.

And it's still not clear these policies apply to contractors. Congress is only now debating, in the Intelligence Authorization for next year, requiring the Intelligence Community Inspector General to report "the number of known or suspected reprisals made against covered contractor employees during the five-year period preceding the date of the report," and to evaluate "the usefulness of establishing in law a prohibition on reprisals against covered contractor employees as a means of encouraging such contractors to make protected disclosures."

Even though Litt claimed to be trying to provide more protections for contractors, he had not heard of this provision when asked during our interview. Instead, he offered reasons why the government can't protect contractor whistleblowers. "We are constrained what we can do with contractors," he explained. "We don't have the ability... to modify a contractor's employment relationship with his employer."

* * *

Last weekend, former Attorney General Eric Holder said Snowden's leaks, while illegal, were a public service because they sparked debate about the legality of surveillance programs and resulted in changes.

Senator Ron Wyden, one of the Democratic members of the Senate Intelligence Committee, agreed.

"Senator Wyden certainly believes that protections for intelligence agency whistleblowers need to be much stronger, to prevent retaliation and encourage reporting of serious systemic problems," said Keith Chu, a spokesperson for Wyden, who sits on the Senate Intelligence Committee. "However, in the case of mass surveillance, agency leaders, inspectors general, and the relevant oversight committees were all aware that mass surveillance was happening, but the problem was not fixed until it became public."

The NSA declined to respond to a series of questions VICE News sent the agency. Instead, on the afternoon of June 3, NSA spokesperson Michael Halbig provided VICE News with comments about avenues whistleblowers like Snowden could take to raise concerns about waste, fraud, and abuse. The NSA's statements closely match the language in the Q&A document prepared for the White House, which was turned over in much greater detail as part of the agency's FOIA response.

Perhaps the NSA was hoping to get ahead of VICE News's report. At 11:40pm on June 3, Vines, the NSA spokesperson who clashed with NBC's Matthew Cole and was critical of other journalists' coverage of Snowden, emailed VICE News to say that the 800 documents turned over to us after two years of litigation had been publicly posted to the agency's website.

An NSA cover letter accompanying the release on the website said, "The documents illustrate that, as the Agency reported in May 2014, NSA conducted a thorough search of e-mail and has no records of any e-mail from former NSA contractor Edward Snowden to Agency officials raising concerns about NSA programs."

The letter goes on to say: "[T]he Agency has no record that he submitted complaints to senior NSA leadership — including the NSA Director, Deputy Director, and Executive Director."

It's a denial of claims Snowden never made.

Snowden Claims 'Deceptive' NSA Still Has Proof He Tried to Raise Surveillance Concerns - VICE 20160607

Snowden Claims 'Deceptive' NSA Still Has Proof He Tried to Raise Surveillance Concerns - VICE 20160607

On June 4, VICE News published more than 800 pages of declassified NSA documents that shed new light on the contentious issue of whether Edward Snowden raised concerns about the agency's surveillance programs while he still worked there. Since then, Snowden has alleged there's additional evidence that has not yet been made public.

The former NSA contractor has long maintained that his 2013 leak of a trove of highly classified documents was a last resort after his efforts to sound the alarm about the agency's secret spy programs went largely ignored.

The NSA, meanwhile, has rejected Snowden's narrative, insisting that the closest he got to raising concerns was sending a single email asking a question about the interpretation of legal authorities.

The documents published over the weekend were released in response to a long-running Freedom of Information Act (FOIA) lawsuit filed by VICE News. Heavily redacted, they include an assortment of NSA emails from officials at the NSA, Department of Justice, and the White House, along with talking points about how to respond to the media in the wake of the leaks and subsequent public comments by Snowden.

The documents show that the NSA's narrative about Snowden's one email left out nuance and details about the nature of the question he raised, and didn't disclose all of the relevant contacts he had with people at the NSA. Snowden also had an in-person conversation with an Oversight and Compliance officer around the time he sent the email, though that meeting apparently wasn't documented at the time. The NSA had never publicly revealed that the interaction took place, nor had the agency disclosed that Snowden's former coworkers described "discussing the Constitution" with Snowden.
Snowden declined to comment to VICE News for our story. His attorney, Ben Wizner of the ACLU, said Snowden was "ambivalent" about discussing matters contained in the NSA documents because he believes the agency is "still playing games with selective releases."

Snowden has since responded to our story in a series of tweets, which include claims that the NSA is still withholding pre-2013 email discussions, testimony from his colleagues, and chat logs or transcripts from communication platforms like Jabber, IRC, and Lync. The absence of these files, Snowden contends, is "intentionally deceptive." (VICE News has since submitted FOIA requests for these records.)

"Interesting that this still shows an incomplete history of the concerns I expressed," Snowden wrote. "Simple incompetence, or did NSA destroy records?"

The NSA released Snowden's single email after a heated back and forth between officials at the NSA, DOJ, and White House about the merits of releasing the email and whether it effectively undermined his credibility. In the email, which Snowden sent in April 2013, Snowden asked about the NSA's apparent assertion on a training test that presidential executive orders carried the same legal weight as laws.

The email was released to the public in May 2014, and in the lead-up to that and even in its aftermath, internal communications at the NSA show that officials were concerned about overlooking other relevant communications from Snowden while he was at the agency. In one instance, an unnamed NSA staffer described waking up in the middle of the night, thinking about whether the agency had "checked the right places for any potential surprises."

Days after Snowden's email was released, an unnamed official wrote to NSA director Mike Rogers, cc'ing 31 other NSA officials and one agency listserv. The official apologized for failing to provide Rogers with all the information regarding Snowden's communications with NSA officials related to his concerns. The official acknowledged leaving the NSA's leadership "insufficiently informed," and promised to "correct that going forward."

During testimony to the European Parliament on March 7, 2014, Snowden was asked whether felt like he had "exhausted all avenues before taking the decision to go public."

"Yes," he replied. "I had reported these clearly problematic programs to more than ten distinct officials, none of whom took any action to address them."

The documents don't confirm that assertion, but they do reveal information about something else Snowden discussed: The lack of protection for contractors like him who wished to act as whistleblowers, and the absence of a clear protocol for how contractors could voice concerns or file complaints with the agency.

Canada Is Considering Spying on Kids to Stop Cyberbullying - Vice 20160426

Canada Is Considering Spying on Kids to Stop Cyberbullying - Vice 20160426

Cyberbullying is simply awful, and its consequences can be utterly horrific. Canadians have known this all too well since 17-year-old Rehtaeh Parsons’ suicide in 2013, after photos of her alleged rape circulated online.

It’s only human to want to put a stop to it. But is it worth spying on kids?

To wit, the Canadian government is looking for a person or organization to “conduct an evaluation of an innovative cyberbullying prevention or intervention initiative” in a “sample of school-aged children and youth,” according to a tender notice published by Public Safety Canada last week.

Although nothing has been finalized, the government will consider letting the organization spy on kids’ digital communications to do it, Barry McKenna, the Public Safety procurement consultant in charge of the tender, told me.

“The tender doesn’t preclude or necessarily require digital monitoring,” said McKenna. “But there are certainly products on the market that do that, and I would guess that that kind of intervention would be one of interest.”

The school board overseeing the school used in the study would have to sign off on digital surveillance of kids, McKenna said, and so would Public Safety. McKenna would not disclose whether any person or organization has responded to the tender yet. The government has budgeted $60,000 for the program, the notice states.

“Any use by government of technology to scan the internet and read somebody’s communications obviously raises privacy issues,” said David Fraser, a Canadian privacy lawyer consulting on a new cyberbullying law for Nova Scotia. “Fewer privacy issues if it’s following an intervention and it’s targeted,” he continued, “way more if they’re trying to single out kids in Canada and assess what they’re saying.”

“What we’ve seen come out of Public Safety and most law enforcement agencies is a pretty un-nuanced, heavy-handed, over the top model,” Fraser added. Nova Scotia’s previous cyberbullying law, passed in the wake of Parsons’ suicide, was ruled unconstitutional and struck down for being too broad and infringing on people’s civil rights.

If the Public Safety study ends up taking a more blanket approach to monitoring kids instead of targeting surveillance after an incident, it could also risk undermining communication between kids and their teachers or parents, according to US Cyberbullying Research Center co-director Sameer Hinduja.

“Installing tracking apps undermines any sort of open-minded communication [that] youth-serving adults might have with these kids, because you’re tracking them surreptitiously,” said Hinduja. “Kids, as they get older, want more privacy and freedom. It’s natural—you want it, and I want it.”

This isn’t the first time somebody has considered surveillance as a solution to the complex social issue of kids being absolutely horrific to each other, and it likely won’t be the last. In 2013, The LA Times noted that the Glendale Unified School District in Southern California reportedly paid a firm $40,000 to monitor kids’ social media accounts to combat bullying. The move raised the ire of privacy advocates in the US then, too.

The point, according to Hinduja, is that bullying isn’t a uniquely digital problem. You don’t solve bullying forever by putting a teacher in every hallway, and you don’t fix crime by putting a cop on every corner.

“Cyberbullying isn’t a technological problem,” said Hinduja. “You can’t blame the apps, the smartphones, or the internet. Instead, cyberbullying is rooted in other issues that everyone has been dealing with since the beginning of time: adolescent development, kids learning to manage their problems, and dealing with stress.”

The CIA Illegally Let the Wrong People Do Intelligence Work, Declassified Report Finds - Vice 20160427

The CIA Illegally Let the Wrong People Do Intelligence Work, Declassified Report Finds - Vice 20160427

The CIA violated federal laws and its own internal regulations by hiring independent contractors for a wide variety of intelligence and national security-related work that was supposed to be performed by government employees, according to a CIA Office of Inspector General (OIG) audit report obtained by VICE News in response to a Freedom of Information Act lawsuit.

The report said the CIA "relies heavily on independent contractors to accomplish important facets of its mission," particularly at the National Clandestine Service, the covert arm of the agency responsible for clandestine operations around the world. The report, dated June 22, 2012 but only declassified last month, raised numerous red flags about the CIA's use of independent contractors throughout all divisions within the agency, and for work performed work in areas that included covert operations and protective security services overseas.

By law, that work must be done by CIA employees.

The OIG did not scrutinize the CIA's "industrial contracts" with firms such as Booz Allen Hamilton, but instead reviewed independent contracts into which the agency enters with individuals, who the report said are made up largely of retired CIA case officers.

Senator Dianne Feinstein, the ranking Democrat on the Senate Intelligence Committee, reviewed the OIG report.

"I've had concerns for years about the extensive reliance on contractors by the government, and the intelligence community in particular," Feinstein told VICE News. "The Senate Intelligence Committee has focused in the past on bringing [independent contractors'] jobs back in-house where possible, and it's an area we'll continue to focus on."

The use of independent contractors by US intelligence agencies exploded after 9/11. At the CIA, the number of contractors working for the agency at one point surpassed the number of actual agency employees. At the end of the 113th session of Congress in January 2013, one year after the OIG concluded its audit, the Senate Intelligence Committee said in a report submitted to the Senate that it was concerned about the "dramatic increase in the use of contractors by the [intelligence community] since 9/11."

Although there were some efforts by the intelligence community to reduce the number of independent contractors by either ending their contracts or hiring them as government employees, "data reviewed by the Committee indicate that some elements of the [Intelligence Community] have been hiring additional contractors after they have converted or otherwise removed other contractors, resulting in an overall workforce that continues to grow."

The OIG said it looked at an unknown number of independent contractors' contracts and task orders during fiscal year 2010 (the exact number was redacted from the audit report), and examined whether the CIA complied with federal laws and regulations when it outsourced its work. The OIG found that the CIA did not.

"By using [independent contractors] for these functions, [some divisions within the CIA] have improperly transferred government authorities in violation of federal laws and CIA regulations," said the 39-page report [pdf at the end of this story], which was marked SECRET/NOFORN, meaning it was classified secret and the information could not be shared with foreign nationals. Notable among those laws was the Federal Activities Inventory Reform Act of 1998 (FAIR Act), which mandates that work that is "intimately related to the public interest" must be performed by federal employees.

"To put it another way, contractors have been allowed to usurp authority to which they are not entitled," said Steven Aftergood, who heads the Federation of Americans Scientists' Project on Government Secrecy. "Combined with the diminished oversight and accountability that contractors receive, that is an invitation to misconduct."

The report said "all [CIA] Directorates" use independent contractors. They include the CIA's Open Source Center, where independent contractors provide translation-related services; the Office of Security/Global Response Staff, which employs independent contractors who provide protective services overseas; the Directorate of Intelligence, where contractors "conduct research and analysis on assigned topics and prepare research papers and presentations"; and CIA University, where independent contractors "provide instruction and lectures, facility course segments, and create and provide support materials."

The OIG report singled out two of the offices within the CIA for using independent contractors to perform tasks that should have been carried out by federal employees — the National Clandestine Service and the CIA's Human Resources/Recruitment Center. The report said the latter entered into contracts with a redacted number of independent contractors "in part, to conduct phone and in-person interviews of applicants for employment within the [National Clandestine Service's] Professional Trainee (PT) and Clandestine Service Trainee (CST) Program, which is not in compliance with applicable federal laws" or the CIA's own internal regulations. Federal law explicitly prohibits "the use of contractors for 'the selection or non-selection of individuals for federal government employment, including the interviewing of individuals for employment.'"

Tim Shorrock, author of the book Spies for Hire: The Secret World of Intelligence Outsourcing, said that the report makes clear the National Clandestine Service "appears to be almost unrestrained" in its use of independent contractors.

The OIG report said the use of independent contractors by the National Clandestine Service is so widespread that it created the "appearance of an employer-employee relationship" between the CIA and the National Clandestine Service's independent contractors, which is a violation of CIA regulation and procedures and federal laws.

"There are significant risks to the CIA associated with treating [independent contractors] as employees, including the potential liability for taxes and employee benefits that would have been withheld or paid had the individuals been treated as employees, and potential criticism that the CIA is circumventing its Congressionally mandated personnel ceiling by utilizing [independent contractors] as employees," the audit report said.

One of the most notable of the CIA's National Clandestine Service contracts is the sole-source contract to create and manage the CIA's "enhanced interrogation" program. That contract was awarded to two retired Air Force psychologists who operated and managed the program at a cost of $180 million over five years, according to a report by the Senate Intelligence Committee that probed the efficacy of the CIA's program.

Additionally, VICE News obtained a copy of a CIA contract awarded to Burlington, Massachusetts–based Centra Technology, which the CIA paid more than $40 million for administrative support and other tasks related to the Senate's investigation of the CIA. Feinstein, the former chairwoman of the Senate Intelligence Committee who oversaw the investigation, said the expenditure was a "waste of taxpayer dollars."

The report says the "number of [National Clandestine Service] contract actions increased by 55 percent from fiscal years 2008 to 2010." In many instances contractors began performing work before they were even awarded a contract or task order, a practice that the OIG said "must cease."

"These actions, referred to as unauthorized commitments, are non-binding agreements made by representatives without the authority to enter into contracts on behalf of the US government," the report said.

A section of the OIG audit that identified the National Clandestine Service contracts "with unauthorized commitments" was entirely redacted.

The report also said that independent contractors working for the CIA's counterterrorism center "are performing a supervisory role," a job that should be performed by CIA employees, and another instance in which the CIA violated federal law.

Shorrock said the report shows that CIA officials "have authority to contract with whoever they want, with no paper trail, and to let these privateers do whatever they choose."

"From the National Clandestine Service to black ops and on down the line, virtually every part of the CIA hires independent contractors, 'almost all' of them being retired case officers who are getting wealthy in the process," he said. "Yet there's virtually no oversight, admittedly no documentation, and, according to the report, 42 percent of the time contractors start work without a written contract or even a task order. This is not what you would expect of a secret intelligence service supposedly protecting the national interest."

Scott Amey, an attorney with the non-profit watchdog group Project on Government Oversight, said he's not surprised that contractors are violating the law by performing work that is supposed to be performed by government employees.

"Some of these concerns cited in the report apply to every federal agency, but there is something heightened because we know very little about the CIA's work and who is performing it," Amey said.

The OIG's audit report contained a section titled "What Contractors Can and Can't Do," along with a list of recommendations to address the issues the OIG raised about the CIA's reliance on independent contractors.

Both sections were completely redacted, but whatever the recommendations were, the CIA said it implemented them.

"The OIG made multiple recommendations to various [offices] across the Agency as a result of this audit," said Ryan Trapani, a CIA spokesperson. "All the OIG's recommendations have been implemented by CIA, and the OIG has deemed those actions as satisfying the recommendations."

The report went on to say that task orders were handed out to independent contractors without any specific tasks to be performed. "Instead, almost all of the task orders we reviewed merely stated that [independent contractors] are required to 'provide operational support' to a specific [CIA] station or base," the report said.

At a June 18, 2014 hearing before the Senate Committee on Homeland Security and Governmental Affairs entitled "The Intelligence Community: Keeping Watch Over Its Contractor Workforce," Senator Tom Carper, the committee's chairman, said in his opening remarks that "an agency that turns over too much responsibility to contractors runs the risk of hollowing itself out and creating a weaker organization."

"The agency could also lose control over activities and decisions that should lie with the government, not with contractors," Carper said. "Second, the use of contractors for mission-critical work creates an additional layer of management between the contractor employees and the government. Adding layers makes it more difficult to conduct oversight and to assign accountability. And, third, when agencies turn to contractors as a 'default' option without careful analysis, they run the risk of paying more to get work done than they would have paid if they had just relied on Federal employees."

The exact number of independent contractors who worked for the CIA at the time of the OIG's review was redacted from the audit report, as was the monetary value of their contracts.One of the findings of the OIG's audit was that the CIA could not back up its claims with documentary evidence that the money the agency spends to outsource its work is fair and reasonable.

"Contracting officers and procurement officers are not adequately documenting the price analysis and negotiations used to substantiate the fairness and reasonableness of the prices paid for [independent contractor] services," the report said. "Without such documentation, there is no evidence that analysis is being performed and that the resulting prices are, in fact, fair and reasonable. If the analysis is not being performed, the CIA could be paying more for [independent contractor] services than it should."

How Does CSEC Work with the World’s Most Connected Telecom Company? - VICE 20140401

How Does CSEC Work with the World’s Most Connected Telecom Company? - VICE 20140401

Some servers in a data centre, suckin' up your data.

When Glenn Greenwald and Ryan Gallagher worked with the CBC earlier this year to report that CSEC was using free airport WiFi to spy on Canadian travelers (in at least one documented incident), the mainstream media’s interpretation of this news was quietly refuted on an obscure, fascinating blog called Electrospaces, which approaches telecommunications and surveillance from a much more insider-y and technical perspective.

According to the Electospaces report, the media had largely misinterpreted the significance of CSEC’s airport spying program. It’s not surprising either, given the highly complex nature of basically any surveillance or intelligence presentation that has leaked from the treasure chest of Edward Snowden. They’re written to be opaque, and we’re living through an unprecedented time of unintended intelligence industry transparency.

In a post titled “Did CSEC Really Track Canadian Airport Travelers” written on Electrospaces, Peter Koop, the blog’s founder, published a much different interpretation of the leaks by an unnamed reader. The interpreter writes: “CSEC was just running a pilot experiment where they needed a real-world data set to play with. This document does not demonstrate any CSEC interest in the actual identities of Canadians going through this airport, nor in tracking particular individuals in the larger test town of 300,000 people…

Technically however, CSEC does not have a legal mandate to do even faux-surveillance of Canadian citizens in Canada. So they could be in some trouble—it could morph into real surveillance at any time—because the document shows Canadian laws don't hold them back.”

The post, if you are interested in unpacking the ramifications of the CSEC leaks, is a must-read. Especially since Ronald Deibert, the founder of the Citizen Lab (a University of Toronto thinktank whose mandate is largely to study the intersection between governments and the internet), who the CBC consulted to help interpret the CSEC leaks, commented on the post by writing: “As someone who reviewed the un-redacted documents prior to the CBC publication, and who was unhappy with the story's focus on ‘Free WIFI in airports’ which has spread far and wide, I agree entirely with this analysis.”

One of the key elements that the post examines is CSEC’s cooperation with five different corporations to uncover metadata: Quova (a subsidiary of the American telecom giant Neustar), Bell Sympatico, Boingo (a popular airport WiFi provider), and Akamai (a corporate server company whose actual work is much more complex than this parenthetical will allow).

The relationships between agencies like CSEC and the NSA, and public corporations, is largely unreported. We know that companies like Verizon, Google, Yahoo, andMicrosoft have all cooperated with the NSA to some degree, but how do those relationships manifest themselves in Canada?

It’s worth considering the extent that Canadian taxpayer dollars filter into Wall Street, via the purchase of American surveillance equipment and services. In the case of the airport WiFi leak, where surveillance tools were apparently tested on Canadian citizens by CSEC, the importance of this question becomes underlined and bolded. Simply put, the government is maneuvering on a slippery slope when they use taxpayer money to purchase metadata collection services from publicly traded corporations, which can apparently assist in mass surveillance operations.

For now, lets focus on Quova, one of CSEC’s corporate partners, whose parent company Neustar has been called “the most important tech company you’ve never heard of,” because of its huge share in the clandestine market of law enforcement data requests. In 2012, cell phone carriers in the United States answered over 1 million requests for customer information from cellphone carriers, who were forced to turn over “caller locations, text messages and other data for use in investigations.” While similar requests are underreported in Canada, between April 2012 and March 2013, the Canadian Border issued 18,000 requests for customer data that included: “content of voicemails and text messages, websites visited and the rough location of where a cellphone call was made.”

In a post on Neustar’s blog entitled “FAQs About Neustar and Our Assistance to Law Enforcement,” the company addresses a few questions about their cooperation with American authorities. The post explains that Neustar is the central body that helps connect cell phone customers across various carriers and providers. And, in case you’re wondering: “None of Neustar’s wireless carrier clients can, nor does Neustar on their behalf, ‘ping’ or geolocate a handset device at the request of law enforcement.” So, the company can’t track people down in real time. They also state, “we will deny requests for information when the proper documentation is not provided,” so at least the entrance to their vault of customer metadata isn’t a revolving door.

That said, Neustar did not respond to VICE’s requests for comment to discuss their cooperation with Canadian authorities.

Besides the mention of Quova in CSEC’s free airport WiFi document, the company’s name also popped up in documents that outline the highly contentious joint operation conducted by CSEC and the NSA, against the Brazilian Ministry of Mines and Energy. That story originally broke through the Guardian, and Quova’s name appeared a few times in the leaked Olympia program presentation, which seemed to outline Five Eyes spying on Brazil. Given the more aggressive nature of the Brazil leaks, at least compared to the airport snooping plot, Quova was seemingly used to provide agents with IP ranges (to specifically locate Brazilian government computers), geo-location data related to IP addresses (to find out where these computers are in the world, exactly), and anonymizers to mask their economic espionage.

VICE contacted Peter Koop, the founder of Electrospaces, to discuss the relationship between Quova, Neustar, and CSEC. Mr. Koop had this to say: “I only have evidence that CSEC is using the Quova-tool, which is part of the Neustar portfolio now. But as Neustar is providing a wide range of internet registry and traffic monitoring services, it's very well possible that CSEC also uses other tools and services provided by this company.”

Very well possible indeed, especially considering the steps Neustar has taken to position itself as the go-to source for surveillance assistance. While it’s hard to say just how embedded Neustar is in the world of Five Eyes surveillance, Neustar’s 2005 purchase of Fiducianet, a company specializing in Communications Assistance for Law Enforcement Act (CALEA) compliance, was a firm step in this direction.

At the time, Neustar’s CEO Jeff Ganek said this of the Fiducianet purchase: “Through Fiducianet, Neustar is well positioned to address the law enforcement compliance needs of communications service providers.” Ganek continued, “Service providers are legally on the hook to solve this problem. Fiducianet has the platform that solves it. They can do it better and more efficiently than the carriers themselves.”

The service providers Ganek was referring to were likely the telecom companies that Neustar works with, which as of writing total roughly 5,700. So basically, while your cell phone provider is gouging you on roaming and excessive data use, Neustar could be gouging them for their services that help the Bell's, Rogers', and Telus' of the world deal with law enforcement requests.

Evidently, Canada depends heavily on American corporations to help move into a surveillance-friendly future. In an NSA document detailing the relationship between the NSA and CSEC, NSA authors note that due to CSEC’s “limited ability to produce cryptographic devices,” CSEC is “a large consumer of U.S. IA (Information Assurance) products.”

Information Assurance products, like Neustar’s NeuSentry portfolio (which warns clients to “prepare for the worst” when it comes to cybercrime) can either be cloud-based infrastructure security tools, hardware products for integration into existing computer networks, or third-party monitoring services. In short, Neustar sells a shitload of products that help governments and companies stay secure on the interwebs. These products and services are likely a big part of operational expenses at agencies like CSEC. Apparently the Americans are well aware that Canada needs to spend a ton of our funny money on their fancy telecom data collection tools, which means Neustar must be doing quite well—thanks to Canada’s thirst for metadata and cybersecurity.

It certainly sounds as if strengthening partnerships with corporations is a mandate across the Five Eyes spy agencies. The five-year SIGINT (signals intelligence) Strategy plan for the NSA discusses at length the need to develop “embedded, deeply interactive engagements” with what are described throughout as internal/external and public/private partners. This desire to “fully leverage internal and external NSA partnerships,” seems to indicate that growing the corporate network of the Five Eyes spy agencies is a priority—meaning the expansive and mysterious CSEC and Neustar relationship is only a small part of the puzzle.

This quest to strengthen the partnerships between surveillance agencies and their various partners also reared its head in the 2009 National Security Telecommunications Advisory Committee (NSTAC) report, which asked President Barack Obama to focus on three main objectives: the integration of federal cyber-security activities “under a single, central organizing governance structure,” collaboration with industry leaders in order to develop a “legal framework to protect the nation’s critical infrastructure,” and lastly, the nurturing of “strong public/private partnership(s).” Based on that third goal, it’s not surprising to hear that current Neustar President, CEO and Board of Directors member Lisa Hook was appointed to NSTAC in June of 2011 by President Obama.

VICE reached out to CSEC for comment on their relationship between Neustar in particular, and other public corporations in general, but they only offered a non-answer. One of the agency’s spokespeople, Ryan Foreman, told us: “CSE cannot comment on its operations or capabilities and therefore we are unable to respond to your question.”

Right. Well, moving right along then.

On one hand, it can be considered a good thing that third-party operators like Neustar hold the keys to vaults of metadata that telecommunications leave behind; that they operate as a middle-man between law enforcement agencies (LEA) and the telecom providers who can sometimes struggle with processing LEA requests for information. On the other hand, however, we need to know more about the ways in which these profit-focused enterprises handle all of this information.

In Canada, CSEC’s budget for 2013 was $444 million, and is reported to total $829 million in 2014. In the United States the NSA is said to have spent $10.8 billion in 2013—so where does all of this money go?

We know that public corporations like Neustar are active in domestic and international surveillance operations, and also that understanding the nature of these relationships is about as easy as sneezing with your eyes open. But without information on these relationships, we are only left to guess about how the corporate partners of the Five Eyes alliance inform programs and operations and the extent of their profiteering. As noted by Mr. Koop and confirmed by CSEC’s man of few words, Ryan Foreman, this information is closely guarded.

If public, corporate partners assist in shady operations at Canadian airports and throughout Brazilian ministries, then are they also assisting the US government when it flies drones over Yemen, where it’s alleged that electronic metadata analysis replaced human intelligence, and was used to inform and justify a drone strike that killed 12 members of a wedding party?

It doesn’t take an internet-savvy Sherlock Holmes to see that there’s something off about taxpayer money being funneled into a public corporation that assists in dodgy surveillance operations, that sometimes targets those same taxpayers, and may piss off friendly nations like Brazil in the process—all the while operating in a way that must necessarily benefit shareholders.

Public corporations like Neustar have access to what they call “unique, authoritative datasets,” and aim to position themselves as one-stop shops for LEA’s, while remaining beholden to their shareholders and the pursuit of profit above all. In the arena of espionage assistance, this relationship is concerning to say the least.

How rich are the already-wealthy telecom companies getting by way of Canadian tax dollars? Has that tax money ever been used to pay for assistance in surveillance operations conducted against Canadians? Are public corporations selling potentially unreliable data to LEAs in the name of maximizing profits? If so, is this data used to inform programs, like the drone missions, that result in the wrongful death of innocents?

These are big questions that to date remain unanswered.

Browne, Rachel - Canada’s Spy Agency Disputes Idea That Personality and Terrorism Aren’t Linked - 20151231

Browne, Rachel - Canada’s Spy Agency Disputes Idea That Personality and Terrorism Aren’t Linked - 20151231

It's an accepted truth among terrorism experts that someone's personality does not indicate whether they will become a terrorist

"As of now, there is no specific terrorist profile," Jocelyn Bélanger, a professor at the Université du Quebec à Montreal who specializes in radicalization, told the Homeland Security News Wire earlier this year. "They come in all shapes and sizes."

But a new report by Canada's spy agency, the Canadian Security Intelligence Service (CSIS), challenges that assumption, and argues that a common link between personality and terrorism "remains possible."

The report, which does not name its author, entitled Personality Traits and Terrorismpublished this month on the Canadian Network for Research on Terrorism, Security and Society website is the first of its kind published by the agency.

"Researching how personality affects an individual's involvement in terrorism may contribute to a better understanding of radicalization, and potentially increase the effectiveness of programs aimed at countering violent extremism," the report states, adding that there's a need for "Western security agencies" to "better understand the psychological factors that lead Western citizens to accept the legitimacy of terrorism."

The paper certainly does not betray any state secrets, and is based primarily on open source scholarly articles. But it's rare for CSIS to release its reports openly, and doing so provides a glimpse into its interests.

Based on a review of recent studies, the report concludes the claims that a terrorist personality does not exist are "unfounded."

CSIS spokesperson Tahera Mufti did not explain exactly why the agency decided to publish this particular paper, but said that while CSIS is usually a "consumer of such research," it's "looking to encourage researchers to further our understanding of who gets involved in threat-related activities."

Phil Gurski, a former CSIS strategic analyst and author of a recent book on violent extremism in Canada, said he was surprised such a report had been released to the public, as it rarely happens.

And he doesn't see how knowing whether there are common personality traits would help prevent terrorist attacks.

"I'm not sure how we would test for them and how we would use them as a sorting tool to winnow the problematic characteristics from the ones that aren't going to become a problem. It's a fascinating research question, but I don't see how it's operational," he said.

"As an organization that's involved in investigating threats to national security, and that means investigating people, obviously it helps to know more about certain people and their psychological and personality characteristics in terms of how you approach them," he said. "But in terms of predictability, in terms of narrowing the field of potential subjects, I'm really skeptical about how useful it is."

Gurski's book, the Threat from Within: Recognizing Al Qaeda-Inspired Radicalization and Terrorism in the West, outlines 12 behaviors and attitudes law enforcement can look for in people suspected to be radicalized. Many of them were identified among those involved in recent successful and foiled terrorist plots in Canada, including the October 2014 attack on Parliament Hill, he said.

These so-called "behavioral indicators" range from sudden intolerant religious views, a rejection of Western values such as democracy and equality, and an obsession with the end-times and jihadi sites.

"The beauty of these indicators is that because these people tend to believe these things very fervently, they don't hesitate to share them, which means you don't have to dig for them," he said. "In a perfect world, if we came up with a really simple test to determine who is a terrorist, the problem is can you reliably make a link between a personality type and a future action? I don't think the answer is yes."

The recently elected Liberal government has promised it will repeal parts of controversial Bill C-51, the previous government's sweeping anti-terror legislation, which came into effect earlier this year, that significantly broadened CSIS' intelligence-gathering and sharing abilities.

This month, VICE News wrote about the Privacy Commissioner of Canada's annual report, which slammed the federal government's surveillance of its citizens. Specifically, it called for the new government to change aspects of three pieces of legislation, including C-51, in order to limit CSIS' new powers.