26 September 2003

Embedding Integrity
One of the major problems in publishing—whether in the so-called "news" (most of which is no longer "new" by the time it makes it into the mainstream press) or in longer works—is that neither reporters/authors nor their editors know diddly-squat about source authentication. This is most apparent in, but far from unique to, the weapons of mass destruction issue in Iraq.

   Part of this comes from peculiarities of the intelligence culture. Handlers and controllers—the "I'm not a spy, I just supervise them" people who are actually available as potential sources—always have at least two or three hidden agendas. This is natural, necessary, and nonetheless disturbing. After the West's pitiful performance at human-source intelligence during the Cold War, there is a somewhat justifiable paranoia in the intelligence community about releasing information in a way that might compromise an intelligence resource. (Yes, that is the official doublespeak euphemism.) The problem is that the method that has been chosen is ill-considered and actually encourages efforts that have even greater risks. Officially, information simply will not be released in a form that could be verified (or challenged) by outsider investigation. Unofficially, favored journalists and authors get leaks. Since very, very few of these journalists and authors would be able to recognize legitimate raw intelligence in the first place, their efforts at verification, if any, can be directed or sabotaged by, umm, internal editorial efforts (another official doublespeak euphemism).

   The kneejerk reaction is "well, let's hire some former intelligence community people as reporters and consultants." That is all well and good, but there is a serious catch-22: Those individuals who have sufficient knowledge of raw intelligence to interpret it for journalists/authors are either restricted from discussing the subject matter or not credible due to personal agendas (or worse)—or both. Those individuals who are available for comment do not have the expertise working with raw intelligence to guide journalists/authors in verification efforts that will not simultaneously jeopardize those at risk.

   Of course, there is an alternative. It is a difficult and expensive alternative, and one that could seriously jeopardize political ambitions of individuals both inside and connected to the intelligence community, which is why it has never been tried and never will be. In the long term, the key is to teach journalists and authors the methods used in gathering and evaluating raw intelligence from the perspective of the controllers and analysts. This creates two risks, one of which is potentially real and the other of which is the real "justification" for not doing so. The first is the risk that teaching methods to individuals who are not under control could lead to compromise of those methods, either accidentally or worse. Given that the whole point of gathering human intelligence is that perfect security is impossible, this cannot be discounted as a problem. The community is worried enough about cooptation of people in its own control, and is absolutely paranoid about those whom it cannot control. Just because they are paranoid, though, does not mean that there is nobody out to get them. The second is the risk that teaching the methods to outsiders will enable outsiders to authoritatively challenge official interpretations. This is a "one mistake" area: a journalist or author who makes the mistake even once of publicizing such a challenge will be frozen out by bureaucrats and politicians whose personal and political interests are tied to the official interpretation. Thus, authors and journalists do not have an interest in spending upward of two years learning how to interpret raw intelligence only to be frozen out in thirty seconds, and those with the knowledge to teach them the methods have no interest in doing so.

   All of this comes from the theory of EEFIs—essential items of friendly information. An EEFI is an unclassified (or otherwise not legally restricted) piece of information that, by itself, does not reveal any classified (or otherwise legally restricted) information but, in combination with other information, could do so. One example of an EEFI would be a phone book for NSA headquarters. Even if job titles were removed, it would then become possible to start building up a picture of who supervises whom at NSA headquarters. By itself, this is not necessarily bad. However, it does help target both weaknesses and high-value objectives. If one is interested only in whether the NSA has intercept information related to, say, Southwest Asia, it is very helpful to be able to exclude those who work on Latin American intercepts—and to know, if someone comes in offering intelligence, whether that individual would have access to what he or she is offering to sell.

   That the First Amendment and contemporary theories of intelligence gathering and analysis are in serious tension cannot be denied. The question, though, is exactly what constitutes a "suicide pact." While the Constitution may not be a "suicide pact," it is intellectually and morally dishonest to construe every potential compromise or criticism of official policy as an inevitable step onto that slippery slope. One must also remember that, as the military officer's oath implies, not all enemies of the Constitution are foreign. Refusal to deal with seemingly minor infections can lead to gangrene, in the body human or the body politic.