Let me break this to you gently. The government is not interested in your conversations with your aunt, unless, of course, she is a key terrorist leader. More than 100 billion emails were sent every day last year — 100 billion, every day. In that vast mass of data lurk a few bits that are of urgent interest and vast terabytes of tedium that are not. Unfortunately, the metadata (the phone numbers, length of contact, and so forth, but not the content of the conversations) that sketch the contours of a call to your family member may fall into the same enormous bucket of information that includes information on the next terrorist threat. As Jeremy Bash, the former chief of staff of the CIA, memorably put it, “If you’re looking for a needle in the haystack, you need a haystack.”
Unfortunately, during the Snowden affair, many news outlets have spent more time examining ways the government could abuse the information it has access to while giving scant mention to the lengths to which the intelligence community goes to protect privacy. We have spent enormous amounts of time and effort figuring out how to disaggregate the important specks from the overwhelming bulk of irrelevant data.
This is done under tight and well-thought-out strictures. I witnessed firsthand the consequences of breaking the privacy rules of my former organization, the National Counterterrorism Center. As the center’s deputy director, I had to fire people, good people, and remove others from their posts for failing to follow the rules about how information could be accessed and used. It didn’t happen often, and it was never a malicious attempt to gather private information. We had mandatory training and full-time staffers to supervise privacy regulations. We used precious resources to hire lawyers and civil liberties experts to oversee our efforts. And on those few occasions when we made mistakes, the punishments were swift and harsh.
Yes, some things that are classified probably don’t need to be. That may undermine public trust and dilute our ability to protect the data that really need protecting. But some things — especially U.S. sources and methods — must be kept secret. Snowden didn’t offer fresh insight about a massive policy failure. Rather, he took upon himself the authority to decide what tradecraft the intelligence community needs to keep his fellow citizens safe. Sadly, Snowden has captured the public’s imagination and attention, and the government’s reaction now seems too little, too late and too reactive. But the intelligence community — always a less sympathetic protagonist than a self-styled whistle-blower — actually has a good story to tell about how seriously the government takes privacy issues. We should tell it.
Andrew Liepman, a senior analyst at Rand Corp., was a career CIA officer and is a former deputy director of the National Counterterrorism Center. He wrote this for the Los Angeles Times.