Senate Intelligence Committee Doesn’t Think the Intelligence Community Inspector General Does Enough All-IC Oversight

The Intelligence Community Inspector General receives just two mentions in the Intelligence Authorization released earlier this month. First, in a standalone section that will permit it to hire expert auditors, as other Inspectors General can. The bill report explains that section this way.

Section 307. Inspector General of the Intelligence Community auditing authority

Section 307 permits the IC IG to hire contractor or expert auditors to meet audit requirements, similar to other Federal IGs. Section 307 responds to the Committee’s concerns that the IC Inspector General (IC IG) is at risk of failing to meet its legislative requirements due to its inability to hire qualified auditors by granting the IC IG independent hiring practices identical to other IGs.

Good to see that eight years after it was created, the ICIG will be able to start doing competent financial audits.

In addition, the unclassified portion of the Intel Authorization includes the ICIG among those Inspectors General that must see whether its agencies are classifying and declassifying things properly.

Which suggests this passage — which goes far beyond those two passages — may correspond to some language within the classified portion of the bill.

Inspector General of the Intelligence Community role and responsibilities

The Inspector General of the Intelligence Community (IC IG) was established by the Intelligence Authorization Act for Fiscal Year 2010 to initiate and “conduct independent reviews investigations, inspections, audits, and reviews on programs and activities within the responsibility and authority of the Director of National Intelligence” and to lead the IG community in its activities. The Committee is concerned that this intent is not fully exercised by the IC IG and reiterates the Congress’s intent that it consider its role as an IG over all IC-wide activities in addition to the ODNI. To support this intent, the Committee has directed a number of requirements to strengthen the IC IG’s role and expects full cooperation from all Offices of Inspector General across the IC.

The Committee remains concerned about the level of protection afforded to whistleblowers within the IC and the level of insight congressional committees have into their disclosures. It is the Committee’s expectation that all Offices of Inspector General across the IC will fully cooperate with the direction provided elsewhere in the bill to ensure both the Director of National Intelligence and the congressional committees have more complete awareness of the disclosures made to any IG about any National Intelligence Program funded activity.

Ron Wyden submitted — but then withdrew — language extending whistleblower protection to contractors. Instead there’s just this language nodding, yet again, to protecting those who whistleblow.

But I’m as interested in SSCI “reiterate[d] the Congress’s intent that [ICIG] consider its role as an IG over all IC-wide activities in addition to the ODNI.”

Going back to 2011, the ICIG refused to do a community-wide review of the way Section 702 works (or count how many Americans get sucked up). With EO 12333 sharing raw data with other agencies, it behooves the ICIG to review how that process works.

The Intel Authorization also requires a review to make sure all the agencies shared the data they should have on Russian tampering with the election. It turns out the interagency “Task Force” John Brennan set up in the summer was a CIA-led task force. It wasn’t until December that a broader set of analysts were permitted to review the intelligence, leading to new discoveries (including, it seems, new conversations between Trump officials and Russians of interest). And it seems highly likely that DHS was left out of the loop, which would be especially problematic given that that’s the agency that talks to state electoral officials.

As Mike Pompeo seems intent on politicizing Iran intelligence and killing diversity at CIA, I hope ICIG gets directed to review CIA’s approach to both of those issues.

There are likely more items of interest addressed in the “requirements to strengthen the IC IG’s role.” Which is a good thing.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Three Things: Bad, Worse, and Just Deal Already

I’ve got to run some errands, only have time for a very quick three things post.

~ 3 ~

Because Trump wants a cheaper Air Force One, the Air Force bought a bankrupt Russian company’s canceled Boeing 747s.

Why does this sound like 1) a crap deal which doesn’t solve the need for an attack-resistant AF1, 2) a bail-out for some entity, whether Boeing or whoever in Russia is holding the bag on the down payment?

~ 2 ~

A few days ago I read yet another right-wing character assassination attempt aimed at Robert Mueller, distributing disinformation related to Russia and radioactive materials. Real story completely stretched beyond recognition to attack the special counsel looking into Trump-Russia.

Meanwhile, the Los Alamos National Laboratory has improperly MAILED radioactive materials repeatedly.

This highlights our long-term problems with outsourcing nuclear sites’ management to private contractors.

Please let’s not allow Trump cut a deal on this matter. It’s bad enough we have Dancing With The Stars’ Rick Perry involved in any way. And watch for more disinfo about Robert Mueller as the Trump-Russia investigation heats up.

~ 1 ~

Baltimore Ravens need to get off it and hire Colin Kaepernick. Baltimore the city needs him. Not only is Kaepernick a good Plan B because of Joe Flacco’s back, the Ravens need a reset on their image — many women still don’t have a high opinion of the Ravens (or the NFL) after the Ray Rice scandal. And Kaepernick is a solid player worth watching; he doesn’t deserve the racist bullshit he’s received from the NFL, quietly blacklisted for exercising his First Amendment rights. Football isn’t slavery demanding forfeit of human rights, after all — or is it?

~ 0 ~

Off to run the roads. This is an open thread. Behave.

Blogger since 2002, political activist since 2003, geek since birth. Opinions informed by mixed-race, multi-ethnic, cis-female condition, further shaped by kind friends of all persuasions. Sci-tech frenemy, wannabe artist, decent cook, determined author, successful troublemaker. Mother of invention and two excessively smart-assed young adult kids. Attended School of Hard Knocks; Rather Unfortunate Smallish Private Business School in Midwest; Affordable Mid-State Community College w/evening classes. Self-employed at Tiny Consulting Business; previously at Large-ish Chemical Company with HQ in Midwest in multiple marginalizing corporate drone roles, and at Rather Big IT Service Provider as a project manager, preceded by a motley assortment of gigs before the gig economy was a thing. Blogging experience includes a personal blog at the original blogs.salon.com, managing editor for a state-based news site, and a stint at Firedoglake before landing here at emptywheel as technology’s less-virginal-but-still-accursed Cassandra.

Did China and Russia Really Need Our Help Targeting Spook Techies?

LAT has a story describing what a slew of others — including me — have already laid out. The OPM hack will enable China to cross-reference a bunch of databases to target our spooks. Aside from laying all that out again (which is worthwhile, because not a lot of people are still not publicly discussing that), LAT notes Russia is doing the same.

But other than that (and some false claims the US doesn’t do the same, including working with contractors and “criminal” hackers) and a review of the dubiously legal Junaid Hussain drone killing, LAT includes one piece of actual news.

At least one clandestine network of American engineers and scientists who provide technical assistance to U.S. undercover operatives and agents overseas has been compromised as a result, according to two U.S. officials.

I would be unsurprised that China was rolling up actual HUMINT spies in China as a result of the OPM breach (which would explain why we’d be doing the same in response, if that’s what we’re doing). But the LAT says China (and/or Russia) is targeting “engineers and scientists who provide technical assistance” to spooks — one step removed from the people recruiting Chinese (or Russian) nationals to share its country’s secrets.

I find that description rather curious because of the way it resembles the complaint by CIA contractor whistleblower John Reidy in an appeal of a denial of a whistleblower complaint by CIA’s Inspector General. (Marisa Taylor first reported on Reidy’s case.) As I extrapolated from redactions some weeks ago, it looks like Reidy reported CIA’s reporting system getting hacked at least as early as 2007, but the contractors whose system got (apparently) hacked got him fired and CIA suppressed his complaints, only to have the problem get worse in the following years until CIA finally started doing something about it — with incomplete information — starting in 2010.

Reidy describes playing three roles in 2005: facilitating the dissemination of intelligence reporting to the Intelligence Community, identifying Human Intelligence (HUMINT) targets of interest for exploitation, and (because of resource shortages) handling the daily administrative functions of running a human asset. In the second of those three roles, he was “assigned the telecommunications and information operations account” (which is not surprising, because that’s the kind of service SAIC provides to the intelligence community). In other words, he seems to have worked at the intersection of human assets and electronic reporting on those assets.

Whatever role he played, he described what by 2010 had become a “catastrophic intelligence failure[]” in which “upwards of 70% of our operations had been compromised.” The problem appears to have arisen because “the US communications infrastructure was under siege,” which sounds like CIA may have gotten hacked. At least by 2007, he had warned that several of the CIA’s operations had been compromised, with some sources stopping all communications suddenly and others providing reports that were clearly false, or “atmospherics” submitted as solid reporting to fluff reporting numbers. By 2011 the government had appointed a Task Force to deal with the problem he had identified years earlier, though some on that Task Force didn’t even know how long the problem had existed or that Reidy had tried to alert the CIA and Congress to the problem.

All that seems to point to the possibility that tech contractors had set up a reporting system that had been compromised by adversaries, a guess that is reinforced by his stated desire to bring a “qui tam lawsuit brought against CIA contractors for providing products whose maintenance and design are inherently flawed and yet they are still charging the government for the products.” In his complaint, he describes Raytheon employees being reassigned, suggesting that contracting giant may be one of the culprits, but all three named contractors (SAIC, Raytheon, and Mantech) have had their lapses; remember that SAIC was the lead contractor that Thomas Drake and friends exposed.

Reidy’s appeal makes it clear that one of the things that exacerbated this problem was overlapping jurisdiction, with a functional unit apparently taking over control from a geographic unit. While that in no way rules out China, it sounded as much like the conflict between CIA’s Middle East and Counterterrorism groups that has surfaced in other areas as anything else.

The reason I raise Reidy is because — whether or not the engineers targeted as described in the LAT story are the same as the ones Reidy seems to describe — Reidy’s appeal suggests the problem he described arose from contractor incompetence and cover-ups.

I guess you could say the same about the OPM hack (though it was also OPM’s incompetence). Except in the earlier case, you’re talking far more significant intelligence contractors — including SAIC and Raytheon, who both do a lot of cybersecurity contracting on top of their intelligence contracting — and a years-long cover up with the assistance of the agency in question.

All while assets were being exposed, apparently because of insecure computer systems.

China’s hacking is a real threat to the identities of those who recruit human sources (and therefore of the human sources themselves).

But if Reidy’s complaint is true, then it’s not clear how much work China really needs to do to compromise these identities.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

The Danger of Someone Criticizing Political Pork Landing on the Capitol Lawn

The WaPo has a good review of how postal service worker Doug Hughes managed to fly his gyrocopter onto the Capitol lawn without being spotted by the Secret Service or other security forces.

But the best part of the story cites corporate sucklings Chuck Schumer and Ron Johnson expressing dismay that the security theater draping DC didn’t prevent Hughes from landing a harmless aircraft on their lawn.

On Capitol Hill, there was less concern Thursday about Hughes’s message than how he delivered it — flying into the heart of the nation’s capital and alighting on the Capitol lawn about 1:30 p.m. in what amounts to an airborne go-cart, powered by something like a lawn mower engine, and kept aloft by an overhead rotor and a small propeller.

“How did it happen?” Sen. Charles E. Schumer (D-N.Y.) wondered aloud. “How did the helicopter get through? Why weren’t there alarm bells that went off? Why wasn’t it intercepted? Did we know about it? How far from the Capitol grounds did we know?”

Schumer, the Senate’s third-ranking Democrat, added: “Just saying it’s a little helicopter, or it’s one person, or it was harmless, does not answer these questions. And we need to know what happened.”

Sen. Ron Johnson (R-Wis.), chairman of the Homeland Security and Governmental Affairs Committee, said in a statement: “I am deeply concerned that someone has the ability to fly for over an hour through the most restricted airspace in our country, past the White House, and land on the lawn of the Capitol.”

He added that he wants “a full accounting by all federal organizations entrusted with securing the United States from this and similar events.” That Hughes was able to pull off the stunt, Johnson said, is “a reminder that the risk to America and Americans is ever present.”

As Nancy Pelosi noted in comments yesterday (which were almost, but not quite, this shrill), there are reasons to want the Capitol to remain fairly open. And it is fairly open — easier to get into than an airport, for example. That makes it accessible to the thousands of local lobbying and school groups who want to see their Representatives’ office.

But it also makes it permeable by lobbyists.

The big money lobbyists, of course, do far more damage to this country than a gyrocopter ever could, damage that Schumer and Johnson are enthusiastic participants in.

Which is sort of Hughes’ point.

I expect more ironic symbolism from this event going forward, as a bunch of security-industry intoxicated Congressmen take as a lesson from this that they need to insulate themselves even more from the people warning about them insulating themselves form their constituents.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Internet Cats, Weaponized: US Defense Contractor Consulted on Targeted Network Injection Surveillance for Commercial Sales Abroad

[photo: liebeslakritze via Flickr]

[photo: liebeslakritze via Flickr]

First, a caveat: I would not click on the links embedded in the story I’m recommending (I’m this || close to swearing off embedded links forever). I don’t trust traffic to them not to be monitored or exploited.

But as Jeremy Scahill tweeted last evening, read this piece by WaPo’s Barton Gellman on malicious code insertion. This news explains recent changes by Google to YouTube once it had been disclosed to the company that exploits could be embedded in video content as CitizenLab.org explains:

“… the appliance exploits YouTube users by injecting malicious HTML-FLASH into the video stream. …”
“… the user (watching a cute cat video) is represented by the laptop, and YouTube is represented by the server farm full of digital cats. You can observe our attacker using a network injection appliance and subverting the beloved pastime of watching cute animal videos on YouTube. …”

The questions this piece shake loose are Legion, but as just as numerous are the holes. Why holes? Because the answers are ugly and complex enough that one might struggle with them. Gellman’s done the best he can with nebulous material.

An interesting datapoint in the first graf of the story is timing — fall 2009.

You’ll recall that Google revealed the existence of a cyber attack code named Operation Aurora in January 2010, which Google said began in mid-December 2009.

You may also recall news of a large batch of cyber attacks in July of 2009 on South Korean targets.

The U.S. military had already experienced a massive uptick in cyber attacks in 1H2009, more than double the rate of the entire previous year.

And neatly sandwiched between these waves and events is a visit by a defense contractor CloudShield Technologies engineer from California, to Munich, Germany with British-owned Gamma Group. Read more

Blogger since 2002, political activist since 2003, geek since birth. Opinions informed by mixed-race, multi-ethnic, cis-female condition, further shaped by kind friends of all persuasions. Sci-tech frenemy, wannabe artist, decent cook, determined author, successful troublemaker. Mother of invention and two excessively smart-assed young adult kids. Attended School of Hard Knocks; Rather Unfortunate Smallish Private Business School in Midwest; Affordable Mid-State Community College w/evening classes. Self-employed at Tiny Consulting Business; previously at Large-ish Chemical Company with HQ in Midwest in multiple marginalizing corporate drone roles, and at Rather Big IT Service Provider as a project manager, preceded by a motley assortment of gigs before the gig economy was a thing. Blogging experience includes a personal blog at the original blogs.salon.com, managing editor for a state-based news site, and a stint at Firedoglake before landing here at emptywheel as technology’s less-virginal-but-still-accursed Cassandra.

Bengh– Blackwater!

You should definitely read the James Risen story describing how the head of Blackwater’s operations in Iraq threatened to kill an investigator into the company’s practices in the period before the Nisour Square. It definitely confirms every concern that has been raised about mercenaries generally and Blackwater specifically.

But I want to look at the frame Risen gave the story, which I suspect few will read closely.

His memo and other newly disclosed State Department documents make clear that the department was alerted to serious problems involving Blackwater and its government overseers before the Nisour Square shooting, which outraged Iraqis and deepened resentment over the United States’ presence in the country.

[snip]

Condoleezza Rice, then the secretary of state, named a special panel to examine the Nisour Square episode and recommend reforms, but the panel never interviewed Mr. Richter or Mr. Thomas.

Patrick Kennedy, the State Department official who led the special panel, told reporters on Oct. 23, 2007, that the panel had not found any communications from the embassy in Baghdad before the Nisour Square shooting that raised concerns about contractor conduct.

“We interviewed a large number of individuals,” Mr. Kennedy said. “We did not find any, I think, significant pattern of incidents that had not — that the embassy had suppressed in any way.”

The reason this is coming out — aside from the fact the government is trying to try the Nisour Square killers again — is to show that contrary to what Patrick Kennedy said after having done a review of security practices in 2007, there had been a pattern of incidents, and they had been suppressed by the Embassy.

Now consider how that reflects on the GOP’s second favorite scandal, Benghazi. Not only was Kennedy the key judge about the events leading up to that event (which is normal — he’s been a key player in State for a very long time; I’m beginning to believe he’s State’s institutional defender in the same way David Margolis was at DOJ), but the question of security oversight is important there: Blue Mountain Group appears to have done its job inadequately (and there are some sketchy things about its contract and contractors).

Benghazi is actually not a bigger scandal than that State suppressed knowledge of Blackwater’s problems. But there does seem to be continuity.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

New & Improved USA Freedumb Act, with Twice the Contractors Compensated

Somewhere Booz Allen Hamilton Vice Chairman (and former NSA Director) Mike McConnell just said, “Ka-Ching.”

As I noted, the initial manager’s amendment of HR 3361 (AKA USA Freedumb Act) added compensation language to Section 215 that didn’t originally exist.

(j) COMPENSATION.—The Government shall compensate, at the prevailing rate, a person for producing tangible things or providing information, facilities, or assistance in accordance with an order issued or an emergency production required under this section.

In this latest iteration, the compensation has been expanded beyond just the telecoms to anyone else who assists.

(j) COMPENSATION.—The Government shall compensate a person for reasonable expenses incurred for—

(1) producing tangible things or providing information, facilities, or assistance in accordance with an order issued with respect to an application described in subsection (b)(2)(C) or an emergency production under subsection (i) that, to comply with subsection (i)(1)(D), requires an application described in subsection (b)(2)(C); or

(2) otherwise providing technical assistance to the Government under this section or to implement the amendments made to this section by the USA FREEDOM Act.

There’s reason to believe that contractors (AKA Booz!) does some of the triage work on the data currently. So one solution to that problem might be to move those Booz contractors — with their access directly to the raw data of Americans — over to Verizon and AT&T.

Because why shouldn’t NSA contractors be in bed together, wallowing in all your raw data.

Glad to see this bill is improving Intelligence Contractors bottom line, even if it doesn’t improve the dragnet.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

Unread Reports as the Big Data Dump? Not Really.

The very same week the President released his breathless report on Big! Data!, the Washington Post has a story criticizing the sheer number and types of reports Congress requires from the Federal bureaucracy.

It started out with a good idea. Legislators wanted to know more about the bureaucracy working beneath them. So they turned to a tool as old as bureaucracy itself — the interoffice memo. They asked agencies to send in written reports about specific things they were doing.

Then, as happens in government, that good idea was overused until it became a bad one.

[snip]

But as the numbers got bigger, Congress started to lose track. It overwhelmed itself. Today, Congress is not even sure how many of those 4,291 reports are actually turned in. And it does not try to save copies of all the ones that are.

So some agencies cheat and send in nothing. And others waste time and money sending in reports — such as the one on dog and cat fur — that simply disappear into the void.

To support its case, WaPo focuses on one report requiring Customs and Border Patrol to report on how much dog and cat fur products are being shipped into the US, which is probably a needless report (which is also probably why WaPo picked it out of the 4,291 it identified).

And WaPo — a member of the Fourth Estate that purportedly serves as a check on power — comes to this very dangerous conclusion.

The problem is that there is no system to sort the good ones from the useless ones. They all flow in together, which makes it hard for congressional staffers to spot any valuable information hidden in the flood.

First, the press is part of that system! Rather than throwing cat and dog fur, perhaps WaPo could have tried to distinguish those that were critical from those that are questionable and those that are clearly frivolous.

Moreover, it is the height of irresponsibility to absolve Congressional staffers — whose bosses are the only ones that can eliminate useless reports — of responsibility for reading the reports they get. Either the staffers must be held accountable for reading the reports, or for eliminating them. That’s how you fix the system. That’s why we’re paying them.

Ultimately, too, I’m not sure I buy the WaPo’s argument that these are useless reports. 4,291 seems like a not unreasonable amount of data for legislators to receive and read about the world’s biggest (perhaps now second biggest) economy, about DOD’s $526 billion budget, about the many federal benefit programs, about the expanding police state.

And if you look at the actual list (rather than WaPo’s admittedly snazzy but not very informative infographic on them), many — perhaps even most — of the reports make a lot of sense.

Consider the reports listed for General Services Administration, an entity with an annual budget of $26 billion, which has the ability to effect great change as the source of enormous spending, and one that has routinely experienced significant spending scandals.

  1. Activities and status of advisory committees in existence during the previous calendar year
  2. A report on the status of the high-performance green building initiatives under this subtitle
  3. Administration’s alternative fueled vehicle program
  4. A description of lost opportunities for waste-heat recovery from the project described in paragraph (A)
  5. A report on the use of photovoltaic energy in public buildings
  6. Violations by Federal agencies of Federal Records Act of 1950, as codified 1950
  7. Reports by Inspector General of particularly serious or flagrant problems, abuses, or deficiencies in the administration of programs and operations of the agency
  8. Activities of the Inspector General
  9. Accessibility to public buildings by the physically handicapped
  10. Prospectus proposing a building project or lease
  11. Location, space, cost, and status of each public building, the construction, alteration, or acquisition of which is to be under authority of the Act, and which was uncompleted as of the date requested
  12. Building project surveys as requested by either the Senate or House
  13. Use of underutilized public buildings and property for facilities to assist the homeless
  14. Summary of excess property disposal reports
  15. Evaluation of the operation of programs for donation of Federal surplus personal property; excess personal property transferred
  16. Excessive stocking of property, above reasonable inventory levels, by executive agencies
  17. Administration of the Federal Property and Administrative Services Act of 1949
  18. Contracts to facilitate the national defense entered into, amended, or modified
  19. Acquisition cost of surplus real or related personal property conveyed for care or rehabilitation of criminal offenders during previous fiscal year
  20. Results of investigations of the cost of travel and the operation of privately owned vehicles to Federal employees while engaged in official business
  21. Annual determination of the average actual cost per mile for the use of a privately owned motorcycle, automobile, and airplane
  22. A plan to comply with Section 432 relating to energy and water conservation at General Services Administration facilities

Reports 1, 6, 7, 8, 10, 11, 12, 17, and 18 are simply reports Congress needs to ask for to ensure there’s some visibility into the Agency, to ensure they’ll be informed if GSA finds something wrong itself. Reports 2, 3, 4, 5, 9, 13, 14, 19, and 22 measure the efficacy of efforts to use GSA’s buying power to do some social good  (and report 9, on ADA accessibility, involves significant legal compliance).  Reports 15 and 16 address an area susceptible to graft.  Reports 20 and 21 are not only key to cost-benefit analysis of how Federal employees travel, but they apparently are tied to one of GSA’s most requested links. Some of these are also reports tied to an action, like buying a building. And all that amounts to less than 1 report for every $ billion American taxpayers give to GSA. If anything, there are a few more reports — that might identify obviously politicized or excessive spending, which is a persistent problem with GSA — that are missing.

Admittedly, that’s just one random agency. But aside from some entities the Federal government runs itself (like American Samoa and DC) as well as some Commissions over which there have been political fights in the past I’m not seeing a whole lot of waste here — though there may be some inefficiency in how the information is requested. I might grant that in the era of big data we need to automate this — in effect, give Congress a better way to Big! Data! the bureaucracies it oversees (though that would be awfully susceptible to abuse), but I don’t see a lot of information that shouldn’t be required from the bureaucracy.

I’m reminded how, 2 years ago, James Clapper claimed ODNI had to produce too many reports and should be permitted to eliminate 30 of them. He tried to get rid of the annual report on how many people have security clearance (one of the few ways we can measure the ballooning secret government). He tried to get rid of reports on Department of Homeland Security’s notoriously useless intelligence agency. He tried to eliminate reports on Chinese spying on the US and nuclear lab security, both persistent security issues. He tried to eliminate a report informing Congress what the privacy staffs of intelligence agencies are doing. In short, in the guise of onerous reporting, he tried to eliminate crucial oversight  (as well as a paper trail that could be FOIAed) on several areas of great public concern.

Or consider this: DOD cannot pass an audit. The biggest military in the world still is not required to account for the money it spends, both to itself and Congress.

And yet a newspaper is saying we require too much reporting from the great big bureaucracy?

I don’t buy it.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

A Key Part of RuppRoge’s Fake Dragnet Fix Reform: Pay the Telecoms

Here’s an interesting “reform” in the RuppRoge’s Fake Dragnet Fix. It pays the telecoms.

COMPENSATION AND ASSISTANCE.–The Government shall compensate, at the prevailing rate, an electronic communications service provider for providing records in accordance with directives issued pursuant to [their bill].

Section 215 does not include such a payment provision. And while the first two phone dragnet orders included provision for such payments, that was probably illegal.

Don’t get me wrong. I’m sure the government has found some way to pay the telecoms, either through added payments for AT&T’s Hemisphere program or gifts in kind. (Though given the timing of DOJ’s suit against Sprint for over-billing, I do wonder whether the government is retaliating for something.) Telecoms don’t spy for free, so I’m sure they’ve been getting paid, illegally, for the last 8 years of dragnet spying they’ve been doing.

But the lack of such provision in Section 215 should have limited the scope of the dragnet. It should have required that requests be so narrow no telecom was going to send big bills to the government every month. And it presumably made the telecoms (well, except for AT&T, which never met a spying request it didn’t love) less willing to interpret orders from the government expansively.

The inclusion of such a compensation clause in the RuppRoge “reform” makes it even more likely this dragnet will expand with the now well-oiled willingness of the telecoms to go above and beyond the letter of the request.

Which is presumably just how the NSA wants it to be.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.

America’s $1 Trillion Target Barge

The NYT has a story about a mock US aircraft carrier Iran is building, its sources say, so Iran can blow it up for the propaganda value.

Iran is building a nonworking mock-up of an American nuclear-powered aircraft carrier that United States officials say may be intended to be blown up for propaganda value.

This has set off chatter about how weird and dumb Iran is for building this giant toy boat, which US sources call the Target Barge.

But pretty soon after I started reading the article I found myself applying the phrases in it to America’s F-35 program which, in many ways, is an even bigger propaganda prop. See how it looks when you swap out Iran’s barge for the F-35?

Intelligence officials do not believe that the US is capable of building an actual F-35.

“Based on our observations, this is not a functioning plane; it’s a large spending program built to look like an plane,” said Cmdr. Jason Salata, a spokesman for the Navy’s Fifth Fleet in Bahrain, across the Persian Gulf from Lockheed. “We’re not sure what the US hopes to gain by building this. If it is a big propaganda piece, to what end?”

[snip]

“It is not surprising that American military forces might use a variety of tactics — including military deception tactics — to strategically communicate and possibly demonstrate their resolve in air power,” said a Chinese official who has closely followed the construction of the F-35.

[snip]

[T]he Pentagon has taken no steps to cloak from prying Chinese hackers what it is building in pork-laden building sites across several countries. “The system is often too opaque to understand who hatched this idea, and whether it was endorsed at the highest levels,” said Karim Sadjadpour, an American expert at the Carnegie Endowment for International Peace.

See what I mean?

Opacity of purpose.

Failure to provide adequate security.

Probable impossibility to bring to completion.

Abundant propaganda.

I’m not all that sure what distinguishes the F-35 except the cost: Surely Iran hasn’t spent the equivalent of a trillion dollars — which is what we’ll spend on the F-35 when it’s all said and done — to build its fake boat.

So which country is crazier: Iran, for building a fake boat, or the US for funding a never-ending jet program?

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including Vice, Motherboard, the Nation, the Atlantic, Al Jazeera, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse in Grand Rapids, MI.