Posts

Confirmed: Listening to Whistleblower John Reidy Could Have Saved the Lives of Numerous CIA Assets

Back in 2015, I looked at the whistleblower case of John Reidy, a former CIA contractor who had warned of catastrophic failures in a communications system.

Reidy describes playing three roles in 2005: facilitating the dissemination of intelligence reporting to the Intelligence Community, identifying Human Intelligence (HUMINT) targets of interest for exploitation, and (because of resource shortages) handling the daily administrative functions of running a human asset. In the second of those three roles, he was “assigned the telecommunications and information operations account” (which is not surprising, because that’s the kind of service SAIC provides to the intelligence community). In other words, he seems to have worked at the intersection of human assets and electronic reporting on those assets.

Whatever role he played, he described what by 2010 had become a “catastrophic intelligence failure[]” in which “upwards of 70% of our operations had been compromised.” The problem appears to have arisen because “the US communications infrastructure was under siege,” which sounds like CIA may have gotten hacked. At least by 2007, he had warned that several of the CIA’s operations had been compromised, with some sources stopping all communications suddenly and others providing reports that were clearly false, or “atmospherics” submitted as solid reporting to fluff reporting numbers. By 2011 the government had appointed a Task Force to deal with the problem he had identified years earlier, though some on that Task Force didn’t even know how long the problem had existed or that Reidy had tried to alert the CIA and Congress to the problem.

All that seems to point to the possibility that tech contractors had set up a reporting system that had been compromised by adversaries,

When news of CIA’s loss of numerous Chinese assets came out, I again pointed back to Reidy’s warnings.

Today, Yahoo confirms that the communications system weakness first identified by Reidy 11 years ago was indeed exploited first by Iran (where, Yahoo says, Reidy was stationed), then by China, and to a lesser degree, Russia.

Iran was able to use the vulnerability to unwind the US’ network of spies by using Google to identify signatures of the system.

This hunt for CIA sources eventually bore fruit — including the identification of the covert communications system.

A 2011 Iranian television broadcast that touted the government’s destruction of the CIA network said U.S. intelligence operatives had created websites for fake companies to recruit agents in Iran by promising them jobs, visas and education abroad. Iranians who initially thought they were responding to legitimate opportunities would end up meeting with CIA officers in places like Dubai or Istanbul for recruitment, according to the broadcast.

Though the Iranians didn’t say precisely how they infiltrated the network, two former U.S. intelligence officials said that the Iranians cultivated a double agent who led them to the secret CIA communications system. This online system allowed CIA officers and their sources to communicate remotely in difficult operational environments like China and Iran, where in-person meetings are often dangerous.

A lack of proper vetting of sources may have led to the CIA inadvertently running a double agent, said one former senior official — a consequence of the CIA’s pressing need at the time to develop highly placed agents inside the Islamic Republic. After this betrayal, Israeli intelligence tipped off the CIA that Iran had likely identified some of its assets, said the same former official.

The losses could have stopped there. But U.S. officials believe Iranian intelligence was then able to compromise the covert communications system. At the CIA, there was “shock and awe” about the simplicity of the technique the Iranians used to successfully compromise the system, said one former official.

In fact, the Iranians used Google to identify the website the CIA was were using to communicate with agents. Because Google is continuously scraping the internet for information about all the world’s websites, it can function as a tremendous investigative tool — even for counter-espionage purposes. And Google’s search functions allow users to employ advanced operators — like “AND,” “OR,” and other, much more sophisticated ones — that weed out and isolate websites and online data with extreme specificity.

According to the former intelligence official, once the Iranian double agent showed Iranian intelligence the website used to communicate with his or her CIA handlers, they began to scour the internet for websites with similar digital signifiers or components — eventually hitting on the right string of advanced search terms to locate other secret CIA websites. From there, Iranian intelligence tracked who was visiting these sites, and from where, and began to unravel the wider CIA network.

Yahoo describes that Iran and China likely traded technology, which is how China proceeded to use the same technique to target CIA assets.

While Yahoo doesn’t emphasize it, it seems likely that if SAIC and Raytheon hadn’t had so much power when Reidy first started warning of this compromise, it would have been addressed far more quickly. Instead, he lost clearance and was fired.

Which, on top of a lot of other lessons, seems to be a superb example of how ignoring a whistleblower can have catastrophic consequences.

Were Shitty SAIC Systems the Cause of the CIA’s China Disaster?

The NYT has a story about how China started rolling up CIA’s spy network in 2010, the cause of which (the story says) still has not been solved. One possible cause is that a Chinese-American exposed America’s spies to the Chinese. But the government was never able to establish enough proof that he was the Chinese mole to arrest him, not even when they lured him back to the US to try to bust him.

The mole hunt eventually zeroed in on a former agency operative who had worked in the C.I.A.’s division overseeing China, believing he was most likely responsible for the crippling disclosures. But efforts to gather enough evidence to arrest him failed, and he is now living in another Asian country, current and former officials said.

[snip]

As investigators narrowed the list of suspects with access to the information, they started focusing on a Chinese-American who had left the C.I.A. shortly before the intelligence losses began. Some investigators believed he had become disgruntled and had begun spying for China. One official said the man had access to the identities of C.I.A. informants and fit all the indicators on a matrix used to identify espionage threats.

After leaving the C.I.A., the man decided to remain in Asia with his family and pursue a business opportunity, which some officials suspect that Chinese intelligence agents had arranged.

Officials said the F.B.I. and the C.I.A. lured the man back to the United States around 2012 with a ruse about a possible contract with the agency, an arrangement common among former officers. Agents questioned the man, asking why he had decided to stay in Asia, concerned that he possessed a number of secrets that would be valuable to the Chinese. It’s not clear whether agents confronted the man about whether he had spied for China.

The man defended his reasons for living in Asia and did not admit any wrongdoing, an official said. He then returned to Asia.

A second possibility is that bad tradecraft allowed China to discover America’s spies.

Those who rejected the mole theory attributed the losses to sloppy American tradecraft at a time when the Chinese were becoming better at monitoring American espionage activities in the country. Some F.B.I. agents became convinced that C.I.A. handlers in Beijing too often traveled the same routes to the same meeting points, which would have helped China’s vast surveillance network identify the spies in its midst.

Some officers met their sources at a restaurant where Chinese agents had planted listening devices, former officials said, and even the waiters worked for Chinese intelligence.

A third possibility — which the NYT doesn’t examine at length and which it ties to the poor tradecraft — is that China hacked the CIA’s method of communicating with assets.

Others believed that the Chinese had hacked the covert system the C.I.A. used to communicate with its foreign sources.

[snip]

Some investigators believed the Chinese had cracked the encrypted method that the C.I.A. used to communicate with its assets.

[snip]

This carelessness, coupled with the possibility that the Chinese had hacked the covert communications channel, would explain many, if not all, of the disappearances and deaths, some former officials said.

I lay these three possibilities out because the timing of the moment the exposure became critical — 2010 and 2011 — and the allusions to a hacked covert communication channel sound a lot like what CIA whistleblower John Reidy complained about seeing his employer, SAIC, oversee starting in 2005. While his complaint is heavily redacted, it sounded like he accused SAIC of providing inadequate security for a system serving the intersection of human assets and electronic reporting.

[H]is heavily redacted appeal at least appears to suggest his complaint was very serious and should have been a timely way to limit the compromise of CIA assets and officers.

Reidy describes playing three roles in 2005: facilitating the dissemination of intelligence reporting to the Intelligence Community, identifying Human Intelligence (HUMINT) targets of interest for exploitation, and (because of resource shortages) handling the daily administrative functions of running a human asset. In the second of those three roles, he was “assigned the telecommunications and information operations account” (which is not surprising, because that’s the kind of service SAIC provides to the intelligence community). In other words, he seems to have worked at the intersection of human assets and electronic reporting on those assets.

Whatever role he played, he described what by 2010 had become a “catastrophic intelligence failure[]” in which “upwards of 70% of our operations had been compromised.” The problem appears to have arisen because “the US communications infrastructure was under siege,” which sounds like CIA may have gotten hacked. At least by 2007, he had warned that several of the CIA’s operations had been compromised, with some sources stopping all communications suddenly and others providing reports that were clearly false, or “atmospherics” submitted as solid reporting to fluff reporting numbers. By 2011 the government had appointed a Task Force to deal with the problem he had identified years earlier, though some on that Task Force didn’t even know how long the problem had existed or that Reidy had tried to alert the CIA and Congress to the problem. [my emphasis]

All that seems to point to the possibility that tech contractors had set up a reporting system that had been compromised by adversaries, a guess that is reinforced by his stated desire to bring a “qui tam lawsuit brought against CIA contractors for providing products whose maintenance and design are inherently flawed and yet they are still charging the government for the products.”

The task force described in Reidy’s complaint coincides with the “Honey Badger” investigation described in the NYT, and the scale of the losses — 70% of operations compromised — sounds the same too. Reidy complained that those working on the task force didn’t learn how long he had been calling attention to the problem. And as he was appealing his complaint, he was being spied on by the intelligence community.

Of course, Reidy’s complaints were especially easy to silence because he was a contractor that the intelligence contractor community basically blacklisted.

I’m checking with the NYT reporters to see if this sounds like their story. But either the CIA had two catastrophic intelligence failures at the same time in 2010, or this sounds like the Chinese compromise.

In which case the fourth possibility to explain the compromise is that shitty intelligence contractors created the problem and then covered it up.

Did China and Russia Really Need Our Help Targeting Spook Techies?

LAT has a story describing what a slew of others — including me — have already laid out. The OPM hack will enable China to cross-reference a bunch of databases to target our spooks. Aside from laying all that out again (which is worthwhile, because not a lot of people are still not publicly discussing that), LAT notes Russia is doing the same.

But other than that (and some false claims the US doesn’t do the same, including working with contractors and “criminal” hackers) and a review of the dubiously legal Junaid Hussain drone killing, LAT includes one piece of actual news.

At least one clandestine network of American engineers and scientists who provide technical assistance to U.S. undercover operatives and agents overseas has been compromised as a result, according to two U.S. officials.

I would be unsurprised that China was rolling up actual HUMINT spies in China as a result of the OPM breach (which would explain why we’d be doing the same in response, if that’s what we’re doing). But the LAT says China (and/or Russia) is targeting “engineers and scientists who provide technical assistance” to spooks — one step removed from the people recruiting Chinese (or Russian) nationals to share its country’s secrets.

I find that description rather curious because of the way it resembles the complaint by CIA contractor whistleblower John Reidy in an appeal of a denial of a whistleblower complaint by CIA’s Inspector General. (Marisa Taylor first reported on Reidy’s case.) As I extrapolated from redactions some weeks ago, it looks like Reidy reported CIA’s reporting system getting hacked at least as early as 2007, but the contractors whose system got (apparently) hacked got him fired and CIA suppressed his complaints, only to have the problem get worse in the following years until CIA finally started doing something about it — with incomplete information — starting in 2010.

Reidy describes playing three roles in 2005: facilitating the dissemination of intelligence reporting to the Intelligence Community, identifying Human Intelligence (HUMINT) targets of interest for exploitation, and (because of resource shortages) handling the daily administrative functions of running a human asset. In the second of those three roles, he was “assigned the telecommunications and information operations account” (which is not surprising, because that’s the kind of service SAIC provides to the intelligence community). In other words, he seems to have worked at the intersection of human assets and electronic reporting on those assets.

Whatever role he played, he described what by 2010 had become a “catastrophic intelligence failure[]” in which “upwards of 70% of our operations had been compromised.” The problem appears to have arisen because “the US communications infrastructure was under siege,” which sounds like CIA may have gotten hacked. At least by 2007, he had warned that several of the CIA’s operations had been compromised, with some sources stopping all communications suddenly and others providing reports that were clearly false, or “atmospherics” submitted as solid reporting to fluff reporting numbers. By 2011 the government had appointed a Task Force to deal with the problem he had identified years earlier, though some on that Task Force didn’t even know how long the problem had existed or that Reidy had tried to alert the CIA and Congress to the problem.

All that seems to point to the possibility that tech contractors had set up a reporting system that had been compromised by adversaries, a guess that is reinforced by his stated desire to bring a “qui tam lawsuit brought against CIA contractors for providing products whose maintenance and design are inherently flawed and yet they are still charging the government for the products.” In his complaint, he describes Raytheon employees being reassigned, suggesting that contracting giant may be one of the culprits, but all three named contractors (SAIC, Raytheon, and Mantech) have had their lapses; remember that SAIC was the lead contractor that Thomas Drake and friends exposed.

Reidy’s appeal makes it clear that one of the things that exacerbated this problem was overlapping jurisdiction, with a functional unit apparently taking over control from a geographic unit. While that in no way rules out China, it sounded as much like the conflict between CIA’s Middle East and Counterterrorism groups that has surfaced in other areas as anything else.

The reason I raise Reidy is because — whether or not the engineers targeted as described in the LAT story are the same as the ones Reidy seems to describe — Reidy’s appeal suggests the problem he described arose from contractor incompetence and cover-ups.

I guess you could say the same about the OPM hack (though it was also OPM’s incompetence). Except in the earlier case, you’re talking far more significant intelligence contractors — including SAIC and Raytheon, who both do a lot of cybersecurity contracting on top of their intelligence contracting — and a years-long cover up with the assistance of the agency in question.

All while assets were being exposed, apparently because of insecure computer systems.

China’s hacking is a real threat to the identities of those who recruit human sources (and therefore of the human sources themselves).

But if Reidy’s complaint is true, then it’s not clear how much work China really needs to do to compromise these identities.

Michael Hayden, Privacy and Counterterrorism Frugality Champion

Of 1,423 words in an article questioning whether deficit hawkery might cut the domestic spying budget, Scott Shane devotes over a sixth–roughly 260–describing what former NSA and CIA Director Michael Hayden thinks about the balances between funding and security.

Remarkably, none of those 260 words disclose that Hayden works for Michael Chertoff’s consulting group, which profits off of big domestic spying. This, in an article that cites Chertoff’s electronic border fence among the expensive counterterrorism duds that were subsequently shut down (Shane mentions “puffer” machines as well, but not the Rapiscan machines that Chertoff’s group lobbied for, which are now being withdrawn as well).

And then there’s a passage of Shane’s article that touches on topics in which Hayden’s own past actions deserve disclosure.

Like other intelligence officials after 2001, Mr. Hayden was whipsawed by public wrath: first, for failing to prevent the Sept. 11 attacks, and then, a few years later, for having permitted the National Security Agency to eavesdrop on terrorism suspects in the United States without court approval.

Perhaps, as a result, he often says that the American people need to instruct the government on where to draw the line. He told an audience at the University of Michigan last month, for instance, that while a plot on the scale of the Sept. 11 attacks was highly unlikely, smaller terrorist strikes, like the shootings by an Army psychiatrist at Fort Hood in Texas in 2009, could not always be stopped.

“I can actually work to make this less likely than it is today,” Mr. Hayden said. “But the question I have for you is: What of your privacy, what of your convenience, what of your commerce do you want to give up?”

To be fair, Shane counters Hayden’s claims by noting that “secrecy … makes it tough for any citizen to assess counterterrorism programs.”

But he doesn’t mention one of the biggest examples where Hayden–where anyone–chose both the most expensive and most privacy invasive technology: the wiretap program Hayden outsourced to SAIC rather than use in-house solutions.

As Thomas Drake has made clear, by outsourcing to SAIC, Hayden spent 300 times as much as he would have with the in-house solution.

One of them was Lieutenant General Michael Hayden, the head of the agency: he wanted to transform the agency and launched a massive modernization program, code named: “Trailblazer.” It was supposed to do what Thin Thread did, and more.

Trailblazer would be the NSA’s biggest project. Hayden’s philosophy was to let private industry do the job. Enormous deals were signed with defense contractors. [Bill] Binney’s Thin Thread program cost $3 million; Trailblazer would run more than $1 billion and take years to develop.

“Do you have any idea why General Hayden decided to go with Trailblazer as opposed to Thin Thread, which already existed?” Pelley asked.

[snip]

Asked to elaborate, Drake said, “Careers are built on projects and programs. The bigger, the better their career.” [my emphasis]

Along the way, Hayden repeatedly blew off Congressional staffer Diane Roark’s inquiries about privacy protection.

When Binney heard the rumors, he was convinced that the new domestic-surveillance program employed components of ThinThread: a bastardized version, stripped of privacy controls. “It was my brainchild,” he said. “But they removed the protections, the anonymization process. When you remove that, you can target anyone.” He said that although he was not “read in” to the new secret surveillance program, “my people were brought in, and they told me, ‘Can you believe they’re doing this? They’re getting billing records on U.S. citizens! They’re putting pen registers’ ”—logs of dialled phone numbers—“ ‘on everyone in the country!’ ”

[snip]

[Former HPSCI staffer Diane Roark] asked Hayden why the N.S.A. had chosen not to include privacy protections for Americans. She says that he “kept not answering. Finally, he mumbled, and looked down, and said, ‘We didn’t need them. We had the power.’ He didn’t even look me in the eye. I was flabbergasted.” She asked him directly if the government was getting warrants for domestic surveillance, and he admitted that it was not. [my emphasis]

So it’s not just disclosure of all the ways Hayden has and does profit off of continued bloated domestic surveillance that Shane owes his readers: he also should refute Hayden’s claims about the relationship between cost, privacy, and efficacy.

Michael Hayden’s SAIC-NSA boondoggle is one case where secrecy no longer hides how much money was wasted for unnecessary privacy violations.

Yet somehow, that spectacular example of the unnecessary waste in domestic spying doesn’t make it into the 260 words granted to Hayden to argue we need continued inflated spending.

The Transnational Crime Organizations Chasing the Transnational Crime Organizations

William Arkin has a post on the proliferation of what he calls the “counter-everything” trend–organizations targeting transnational organizations that sell drugs or people or whatever. He ends it by wondering why this is all getting worse–why borders are more porous after 10 years of purportedly combating transnational whatevers.

Finally, one has to ask, with all of the enhanced intelligence collection and sharing and border control that is part of the post 9/11 world, why is this problem getting worse?  How is that possible, that borders are more porous?  So much for the war against terrorism.

You might start with the fact that in response to a threat posed by unprivileged enemy combatants (AKA terrorists) we sent out a bunch of men, not wearing uniforms, to engage in warfare that mirrors those other unprivileged combatants.

But the problem becomes even more apparent when you read Arkin’s list of contractors getting rich of the pursuit of transnational criminal organizations.

Other contractors providing intelligence support to the trafficking empire include: BAE Systems, Celestar, Delex Systems, Duer Advanced Technology & Aerospace (DATA), FedSys, Inc., General Dynamics Information Technology, L-3 STRATIS, Lockheed Martin, Northrop Grumman, Prosync Technology Group, and SAIC.  Parsons Corporation is working on the methamphetamine/precursor chemicals problem set for the DIA.

My favorite among these is BAE, which almost caught money laundering to set up a slush fund for covert ops, until the Saudis threatened to stop partnering with us to combat the terrorism that Saudis citizens were then and probably are still funding.

I guess DOD wanted to bring in experts on transnational crime.

Then Tim Shorrock got into the laugh, and pointed out that SAIC recently got caught running a giant kickback scheme to defraud NYC. Lucky for SAIC the Obama Administration hasn’t ended the fetish for Deferred Prosecution Agreements that let companies like this continue chasing transnational thieves.

And then there’s the really seedy pick: of Parsons Corporation–they were literally deemed the “most wasteful” Iraq contractor, making them a bit of a poster child for corruption–“working on the methamphetamine/precursor chemicals problem set for the DIA.” Mind you, when Parsons was last robbing federal taxpayers and even now, they billed themselves primarily as a construction company (they’re famous for schools in Iraq that started crumbling before they were finished)–though they have branched out into the spook business. And yet they’ve sold themselves as drug experts to the Defense Intelligence Agency.

I simply can’t imagine why the transnational crime problem continues to grow.

Did Thomas Drake Include Privacy Concerns in His Complaints to DOD’s Inspector General?

I’ve been reviewing the docket on Thomas Drake’s case to see whether it touches on the privacy concerns Drake had about NSA’s post-9/11 activities.

It appears it doesn’t, even while there was an ongoing dispute about whether or not Drake will have access to the materials he submitted to the DOD Inspector General in support of claims that the ThinThread program operated more effectively than the Trailblazer program that Michael Hayden chose to enrich SAIC with instead (the Judge ruled that material would be admissible, but not a formal whistleblower defense, which Drake wasn’t trying to do anyway).

There are a couple of reasons why the silence, in the legal filings, about privacy concerns is interesting (aside from the fact that it’s a focus of Jane Mayer’s article.

First, because the two-sentence summary of the conclusion of the DOD IG Report on Trailblazer and ThinThread that the defense provides in a filing doesn’t address privacy.

In 2004, after more than a year of fact-finding, the Inspector General issued its initial audit findings. In a report entitled, “Requirements for the Trailblazer and Thinthread Systems,” the auditors concluded that “the National Security Agency is inefficiently using resources to develop a digital network exploitation system that is not capable of fully exploiting the digital network intelligence available to analysts from the Global Information Network . . . (T)he NSA transformation effort may be developing a less capable long-term digital network exploitation solution that will take longer and cost significantly more to develop.” The NSA continued to support the “less capable” program and its successor.

Which suggests the IG Report may not have addressed the claim that, in addition to being less efficient at “connecting the dots” than ThinThread, Trailblazer also offered none of the privacy protections ThinThread had.

That’s important because the government argued that Drake couldn’t claim to be a whistleblower because, by 2007, the issues at hand were resolved. They’re arguing both that any whistleblower claims would be mooted because Turbulence, Trailblazer’s successor, integrated “significant portions” of ThinThread, and that the debate was “over” by 2007, when Drake was (according to the indictment) serving as a source for Baltimore Sun reporter Siobhan Gorman.

In or about December 2004, the DOD IG completed its audit of [Trailblazer], including the allegations raised in the complaint letter. The NSA responded in August 2004 and February 2005, stating that based on the judgments of NSA’s experienced technical experts, the allegations were unfounded. Nonetheless, NSA agreed to incorporate significant portions of [ThinThread] into [Trailblazer] as a result of the DOD IG recommendations, thus largely mooting the issues raised in the complaint. In addition, starting in late 2005 and early 2006, the NSA transitioned away from [Trailblazer] to [Turbulence], another corporate architecture solution for Signals Intelligence collection.

[snip]

Just as importantly, by 2007, the timeframe of the charges in this case, there was no imminent harm faced by the defendant, because [Trailblazer] had incorporated elements of [ThinThread], and also because NSA had transitioned away from [Trailblazer] to [Turbulence].

[snip]

The defendant’s actions had no impact in the debate regarding the efficacy of [Trailblazer and ThinThread], because NSA had begun transitioning to [Turbulence] by 2006. Put simply, the debate was over.

There’s a lot going on in this passage. Obviously, the government is trying to claim that since Drake was allegedly collecting information for Gorman in 2007, he couldn’t claim he was whistleblowing.

Mind you he was not claiming he was whistleblowing, in the legal sense. He was only trying to get the IG materials to prove that’s why he collected three of the documents he’s accused of willingly keeping; basically, he’s arguing that if he overlooked three documents out of 5 boxes worth originally collected for the IG–and did not retain the really classified materials–that he basically just overlooked the three documents, rather than willfully retained them.

And the government is playing funny with dates. After all, they say Drake served as a source for Gorman from February 27, 2006, to November 28, 2007. The key story about ThinThread Drake served as a source for was dated May 18, 2006. And one of the charges accuses Drake of obstruction for shredding other documents. So not only is the 2007 date bogus because it igonores debates ongoing in 2006, but the government suggests that either Drake would be guilty for illegally retaining information, or obstructing an investigation. Moreover, Drake maintains he inadvertently included the three IG-related documents in the several boxes of unclassified materials, so the fact the debate was over is pointless.

Moreover, the successor to Trailblazer, Turbulence, was suffering from the same management problems Trailblazer had, as the defense notes just after citing the IG Report. The government wants to pretend the shift from Trailblazer to Turbulence ended the complaints about management problems, but it didn’t.

But then there’s the way the government portrays the IG complaint: efficacy. As I laid out the other day, there are four ways, Gorman’s sources claim, that ThinThread was better than Trailblazer:

The program the NSA rejected, called ThinThread, was developed to handle greater volumes of information, partly in expectation of threats surrounding the millennium celebrations. Sources say it bundled together four cutting-edge surveillance tools. ThinThread would have:

* Used more sophisticated methods of sorting through massive phone and e-mail data to identify suspect communications.

* Identified U.S. phone numbers and other communications data and encrypted them to ensure caller privacy.

* Employed an automated auditing system to monitor how analysts handled the information, in order to prevent misuse and improve efficiency.

* Analyzed the data to identify relationships between callers and chronicle their contacts. Only when evidence of a potential threat had been developed would analysts be able to request decryption of the records.

In other words, privacy was just one of three ways ThinThread was better than Trailblazer, according to Gorman’s sources.

But that’s not the aspect the government seems to address. That is, the government seems to be saying that, because Turbulence adopted some of the approaches of ThinThread that made it more efficient at analysis, Drake can’t complain. The suggestion is (though we can’t know because of the secrecy) privacy is not, like efficacy, an adequate reason to blow the whistle. Neither privacy, nor the Constitution.

And that’s interesting for two more reasons. First, because the government references a notebook of documents Drake provided that had nothing to do with the IG Report.

There was, for example, a notebook of documents provided by the defendant, many of which had nothing to do with the IG’s audit, but this notebook was destroyed before the case began, and after the IG completed its audit.

Is it playing games with the scope of the audit? That is, did Drake provide materials on privacy, which the IG didn’t include within the scope of its report? If so, the IG’s destruction of the notebook, in violation of DOD’s document retention policy, is all the more interesting.

Then, finally, the debates about privacy continued into 2007 and 2008. In August 2007, specifically, Mike McConnell nixed a Democratic version of the Protect America Act because it required the government to tell FISA judges what the plan for minimizing US person data is and allowed the judges to review for compliance. Debates on how to fix PAA continued throughout the fall and into the following year, with Russ Feingold and Sheldon Whitehouse both trying to make real improvements on the minimization requirements.

The government seems to want to say that Drake’s privacy concerns aren’t a valid whistleblowing concern. Because, I guess, government officials aren’t allowed to whistleblow about citizens’ rights.

GM Brings Flint, MI to China

In one of my favorite posts on the risks of a GM collapse, I described the risk of GM’s Chinese partner buying up GM’s American brands.

I was talking with mr. emptywheel about what one of the bad–but by no means worst–case scenarios in a GM bankruptcy would be. This scenario is just one of several that might happen–by no means guaranteed, and Congress would fight the scenario at every stage, though with increasingly less leverage. But it is a scenario that follows a great deal of logic about possible outcomes. It is this scenario, though, that explains why both Toyota (I’ve seen reported–looking for the link) and many in Congress want to bailout GM before it gets to bankruptcy.

Here’s the short version: more details below.

  1. GM files for Chapter 7 bankruptcy
  2. GM’s Chinese partner, SAIC, buys much of GM (Buick, Chevy, Cadillac)
  3. GM/SAIC starts importing Chinese-made Buicks and Chevys, undercutting Toyota’s cost advantages
  4. GM/SAIC owns the Volt technology, requiring US firms to lease it if they wanted to use it

Which is why my stomach turned at the news that GM is about to cede majority control over its Chinese operations to SAIC.

G.M. has become the second-largest automaker in China mainly through a 50-50 venture with S.A.I.C. that makes a wide range of G.M.-designed cars. Under the deal being completed, G.M. would sell a 1 percent stake in the venture to S.A.I.C., raising the Chinese automaker’s share to 51 percent, although G.M. would retain equal voting rights in company decisions and have an option to buy back the stake later, people with knowledge of the transaction said.

Michael Dunne, an auto consultant specializing in Asian markets, said that for G.M. to accept a minority holding in its main joint venture marked an inevitable decline in G.M.’s influence in China, which has overtaken the United States as the world’s largest auto market.

“Dropping below the 50-50 partnership is huge — there may be a way to preserve voting rights, but symbolically, it is a step down,” Mr. Dunne said.

G.M. is separately putting its Indian operations into a new joint venture with S.A.I.C., effectively selling about half of the operations to S.A.I.C. as well.

China will continue to use this moment of weakness (for the country as a whole, not just for GM) to take over our equities in international trade. And few people seem to be watching.

Playing Chess with the Chinese

Last week, I suggested that Shanghai Automotive Industry Corporation might be the most likely GM buyer, if it came to that.

So if GM goes bankrupt in January, as may happen, it may well have to sell itself off (unless the government guarantees the same kind of financing that it is refusing now). And I believe one company is one of the most likely–and indeed sensible–buyers: Shanghai Automotive Industry Corporation, or SAIC, the Chinese company with which GM partners to do business in that country. 

Apparently, the Chinese thought so too.

Chinese carmakers SAIC and Dongfeng have plans to acquire GM and Chrysler, China’s 21st Century Business Herald reports today. [A National Enquirer the paper is not. It is one of China’s leading business newspapers, with a daily readership over three million.] The paper cites a senior official of China’s Ministry of Industry and Information Technology– the state regulator of China’s auto industry– who dropped the hint that “the auto manufacturing giants in China, such as Shanghai Automotive Industry Corporation (SAIC) and Dongfeng Motor Corporation, have the capability and intention to buy some assets of the two crisis-plagued American automakers.” These hints are very often followed with quick action in the Middle Kingdom. The hints were dropped just a few days after the same Chinese government gave its auto makers the go-ahead to invest abroad. And why would they do that?

A take-over of a large  overseas auto maker would fit perfectly into China’s plans. As reported before, China has realized that its export chances are slim without unfettered access to foreign technology. The brand cachet of Chinese cars abroad is, shall we say, challenged. The Chinese could easily export Made-in-China VWs, Toyotas, Buicks. If their joint venture partner would let them. The solution: Buy the joint venture partner. Especially, when he’s in deep trouble.

How’s that bridge loan looking now, Richard Shelby? You want your Japanese manufacturers to be competing against cars assembled in China?