Posts

What If the Insider Threat Memo Is about David Petraeus?

/16 Comments/in /by

In a holiday document dump, President Obama transmitted Minimum Standards for Insider Threat Detection Programs. As mere citizens, we don’t get to see those standards. We only get to see the memo accompanying them, which leaves us guessing what–if anything–to make of the timing and content of the memo. In addition to Steven Aftergood’s general overview, Falguni Sheth, Kevin Gosztola, and Jesselyn Radack have some thoughts.

The simplest explanation for the timing of the memo is that’s when the Insider Threat Task Force developing them finished the Standards. The Standards were due a year after Obama ordered the creation of them on October 7, 2011.

Sec. 6.3. The Task Force’s responsibilities shall include the following:

(a) developing, in coordination with the Executive Agent, a Government-wide policy for the deterrence, detection, and mitigation of insider threats, which shall be submitted to the Steering Committee for appropriate review;

(b) in coordination with appropriate agencies, developing minimum standards and guidance for implementation of the insider threat program’s Government-wide policy and, within 1 year of the date of this order, issuing those minimum standards and guidance, which shall be binding on the executive branch;

That would mean they were due 45 days before Obama transmitted them. Perhaps the delay can be explained by either the election or a review within the White House (and I’m wonder whether Obama’s victory influenced how Obama received these Standards).

So it could well be that this memo was released as a holiday dump through sheer chance, Obama finishing up business before taking time with the family.

The timing of the transmittal might also be explained by personnel changes. James Clapper and Eric Holder (or their designees) would be the mandatory co-Chairs of the Task Force. While reports suggest Holder will stick around for another year, it’s unclear whether Clapper will be.

But then there’s the possibility that the Petraeus scandal influenced this release.

As a threshold matter, the EO mandating these Standards includes CIA involvement (by designees of but not the Director himself) on both the Task Force and Steering Committee on Insider Treats. It also reserves the authority of the Director of CIA with regards to security of information systems under an earlier EO and a National Security Directive. What happens where you’re in the middle of rolling out an Insider Threat Detection Program and one of the key players involved in it is embroiled in an insider threat investigation himself?

The EO also allows the Director of National Intelligence to “issue policy directives” to help the agencies of the Intelligence Community comply with this.

With respect to the Intelligence Community, the Director of National Intelligence, after consultation with the heads of affected agencies, may issue such policy directives and guidance as the Director of National Intelligence deems necessary to implement this order.

Perhaps such “policy directives” no longer seem like such a good idea if the CIA Director can’t even limit his threat profile.

Then there’s the possibility that the behavior of one of the players in the scandal demonstrated that the Standards are not yet being met. While reportedly Petraeus and Paula Broadwell only shared a GMail account–and therefore there is no allegation that they used the classified networks addressed in the EO–we have fewer details about what network General Allen was using to exchange sexy-time emails with Jill Kelley. Furthermore, whlie we know Broadwell had classified information on her computer and in her house, we don’t have much detail on this, either. As a Reserve Officer, her behavior may well have demonstrated holes in the program implemented by DOD.

In other words, it may be that the Standards had been languishing for 45 days after they were completed, but the Petraeus scandal identified that the Insider Threat Detection should have but did not identify some of the activities going on. That might have created some urgency for Obama to transmit them, so he could start cracking heads at the agencies where they standards were not being met. Obama’s memo also promises the standards will “provide the workforce with insider threat awareness training,” so it’s possible the Administration believes that if just its top Generals had a bit more training they might not destroy their careers by compromising security. Though, as Marc Ambinder explained, because he was in the chain of command for the nuclear football, Petraeus would have had extensive indoctrination on potential threats.

Or maybe it’s something else entirely.

Read more

Investigating National Security Personnel in the Post-Nidal Hasan Era

/5 Comments/in /by

Three years and one day before FBI briefed DNI Clapper about the questionable email practices of David Petraeus, and less than three years before FBI alerted Leon Panetta to John Allen’s perhaps less questionable email practices, an Army officer who had been the subject of a 6-month investigation into his questionable emails killed 13 people and wounded another 29 at Fort Hood, TX.

While a number of people are criticizing the FBI (rightly, in the case of the agent who reportedly made this investigation his or her own personal project) for being out of control in the investigation that started with Jill Kelley’s email, I’d like to put the FBI’s decision to inform Petraeus’ and Allen’s superiors about their emails in the context of the failure to stop Nidal Hasan.

I don’t mean to suggest that Petraeus and Allen’s smutty emails to some beautiful middle aged housewives equate to an Army psychiatrist writing a radical anti-American cleric. At least given what we know, there were far more serious red flags in Hasan’s emails to Anwar al-Awlaki than there were in Petraeus’ love notes to Paula Broadwell (though Petraeus’ use of counter-surveillance techniques would, by themselves, be a red flag).

But the point is–and one key lesson of the failure to stop Hasan–is that the FBI can’t always know how important inappropriate email contacts are without talking to a person’s superiors. If they had done with Hasan what they did here–inform the officer’s superiors after concluding no criminal behavior had taken place (which is what they concluded with Hasan)–they might have learned of the more troubling context behind the emails.

Besides, the most damaging leak, today’s stories revealing a huge chunk of Allen emails that may be flirtatious but in no way problematic, came from a senior US defense official, not the FBI. There were surely more appropriate ways to delay Allen’s confirmation hearing later this week, but that decision was presumably DOD’s, not FBI’s.

Carrie Johnson captures some of the other disclosure issues FBI faced. But the question as to why FBI informed Clapper and Panetta can be answered, IMO, by pointing to lessons learned with the Nidal Hasan case. FBI almost certainly had no reason to doubt Petraeus and Allen. But I don’t blame FBI for not wanting to make the final decisions about how this email behavior affected the Generals’ fitness to command.

Petraeus Rules

/39 Comments/in , /by

While the Beltway is slowly coming around to the logic that it’s not a good thing if the CIA Director has a pseudonymous Gmail account he uses to conduct an affair, it has yet to consider some other factors that may have forced David Petraeus to quit.

As a threshold matter, it appears that both Petraeus and Paula Broadwell did things that have gotten others–people like Thomas Drake–prosecuted and stripped of their security clearance. Obama can’t continue his war on leakers if he goes easy on Petraeus after compromising his own email account. In addition, it appears that as the FBI closed in on Petraeus, he and Broadwell may have pushed back by revealing (or claiming) CIA had prisoners in Benghazi. That is, in some way Petraeus and Broadwell’s response to the investigation appears to have colored how they treated the Benghazi pushback going on at precisely the same time.

Here’s a decent timeline of Petraeus’ demise (though many of these details–from the start date of the affair, the investigation, and Petraeus’ FBI interview have been reported using different dates, suggesting different anonymous stories may be offering different timelines). I’d like to concentrate on the following, which include a few additions.

[Week of, possibly day of] October 21 [alternately reported as September]: Paula Broadwell first interviewed by FBI. She agrees to turn over her computer, which will lead to the FBI finding classified information on it.

October 24 (written the day before): Petreaus applauds the guilty plea of John Kiriakou, who passed the identity of torturers to lawyers representing Gitmo detainees who have been tortured. Those lawyers have clearance, and they did not publicly reveal the most sensitive name. In his second-to-last statement as CIA Director, he writes,

This case yielded the first IIPA successful prosecution in 27 years, and it marks an important victory for our Agency, for our Intelligence Community, and for our country.  Oaths do matter, and there are indeed consequences for those who believe they are above the laws that protect our fellow officers and enable American intelligence agencies to operate with the requisite degree of secrecy.

October 24: Benghazi suspect killed in Cairo.

October 26: Fox reports that CIA security in annex were twice told to stand down by “CIA chain of command.”

October 26: At an appearance at DU, Paula Broadwell says,

Now, I don’t know if a lot of you heard this, but the CIA annex had actually, um, had taken a couple of Libyan militia members prisoner and they think that the attack on the consulate was an effort to try to get these prisoners back. So that’s still being vetted.

The challenging thing for General Petraeus is that in his new position, he’s not allowed to communicate with the press. So he’s known all of this — they had correspondence with the CIA station chief in, in Libya. Within 24 hours they kind of knew what was happening.

Update: See this post, which makes it clear Fox had the detail about prisoners but then took it out.

October 27: Petraeus and Broadwell hobnobbing at black tie event.

October 29: FBI interviews Petraeus.

October 31: Acting after speaking to FBI “whistleblower,” Eric Cantor’s Chief of Staff calls Robert Mueller about investigation.

October 31- November 1: Petraeus in Cairo for security discussions.

November 2 [based on a briefing held November 1 while Petraeus was still in Cairo]: CIA releases timeline rebutting Fox report–mentioned by Broadwell–that CIA chain of command told security to stand down.

November 2: FBI interviews Broadwell a second time.

November 2: Scott Shane writes odd article on demise of Petraeus’ image, blaming his absence from media for Benghazi blowback, in part repeating a point made by Broadwell on October 26. Read more

Why Would a Whistleblower Go to Eric Cantor?

/142 Comments/in /by

The NYT reports that in late October, a “whistleblower” approached Eric Cantor to tell him about Petraeus’ affair.

Eric Cantor, the House majority leader, said Saturday an F.B.I. employee whom his staff described as a whistle-blower told him about Mr. Petraeus’s affair and a possible security breach in late October, which was after the investigation had begun.

“I was contacted by an F.B.I. employee concerned that sensitive, classified information may have been compromised and made certain Director Mueller was aware of these serious allegations and the potential risk to our national security,” Mr. Cantor said in a statement.

Mr. Cantor talked to the person after being told by Representative Dave Reichert, Republican of Washington, that a whistle-blower wanted to speak to someone in the Congressional leadership about a national security concern. On Oct. 31, his chief of staff, Steve Stombres, called the F.B.I. to tell them about the call.

“They took the information,” said Doug Heye, Mr. Cantor’s deputy chief of staff, “and gave the standard answer: they were not able to confirm or deny any investigation, but said that all necessary steps were being taken to make sure no confidential information was at risk.” [my emphasis]

Note Cantor describes this person as an “FBI employee,” not an agent (though he may be deliberately vague to hide the person’s identity), so it’s possible this person is more senior. The person went first to Dave Reichert, who–as a Representative from Seattle–has no ties to the FBI offices that conducted the investigation (though he’s a former Sheriff and may have ties to the FBI through law enforcement channels). And then he asked to talk to someone “in Congressional leadership,” rather than, say, the head of the House Judiciary Committee, Lamar Smith, who has jurisdiction over the FBI, or Mike Rogers, himself a former FBI Agent and the head of the House Intelligence Committee.

In other words, this instance of whistleblower was not conducted as it normally would be, through the appropriate committees, but instead went to the guy whose job is primarily political, leading the Republican caucus.

Note the timing, too. Petraeus was interviewed around October 25-26. Given that Cantor’s Chief of Staff called Mueller after that, it appears the FBI person probably contacted Cantor after that interview–or certainly after it got scheduled. One thing’s certain: the interview could not have been a CYA effort after Mueller got the call from Cantor.

But it may be what Dianne Feinstein called a “additional complication” today. And it’s possible James Clapper finally got informed of the investigation into Petraeus–he says, on November 6, election day–because Mueller knew that Cantor had heard of it. That is, by alerting Cantor, this “whistleblower” may have ensured the national security establishment couldn’t protect Petraeus.

One more note about the timing. The interview–and this alert to Cantor–happened after the time the GOP was going full October Surprise mode on Benghazi. There were tensions between CIA and FBI because CIA had not shared video fo the attack with investigators. Again, there’s no reason to believe this is Benghazi related. But there were certainly institutional tensions playing out just as the FBI interviewed the head of the CIA about his mistress’ access of his email.

Update: Apparently Andrea Mitchell says the FBI investigation would have ended had this not been brought to Cantor.

NGOs to Congress: Don’t Hide Our Secret Government

/2 Comments/in /by

I noted last week that the Senate Intelligence Committee had acceded to Director of National Intelligence James Clapper’s request that it repeal the requirement that his office produce a yearly report on the number of people with security clearances.

On Tuesday a group of NGOs wrote the Intelligence Committees asking they reverse course and retain the report requirement. They argue, in part, that the report has generated far more attention than typical government reports. And that the report offered the public an unprecedented understanding of the size of the clearance community.

We believe the annual report on security clearances provides exceptional value to the public and should continue to be published.
In the two years that the report has been produced, it has dramatically altered our conception of the size and scale of the personnel security clearance system. Prior to the reporting requirement, the Government Accountability Office could only estimate the number of security cleared personnel, and its latest estimate was low by more than a million clearances.
As evidence of the exceptional public interest in this report, we note that the findings of the latest annual report have appeared in the New York Times (July 24), the Washington Post (July 28), and McClatchy Papers (July 27), among others. As you know, this level of attention is well above average for a report to Congress on any topic.
Through this annual reporting requirement, your Committees have provided an unprecedented degree of transparency concerning the security clearance system. We thank you for that, and we respectfully request that you maintain this important reporting requirement.

Let’s hope that bit of flattery at the end works. If not, I guess we can conclude that even this tiny bit of transparency on our secret government is deemed too much for mere citizens to have.

Nuke Site Breached Just Days After SSCI Moved to Eliminate Reporting on Nuke Site Security

/6 Comments/in , , , /by

I have been dawdling about writing this post, in which I explain that two of the reporting requirements the Senate Intelligence Committee rather stupidly, IMO, moved to eliminate last week pertain to the security of our nuclear labs.

Back when I criticized the plan to eliminate these reports in June, I wrote,

The bill would eliminate two reporting requirements imposed in the wake of the Wen Ho Lee scandal: that the President report on how the government is defending against Chinese spying and that the Secretary of Energy report on the security of the nation’s nuclear labs. Just last year, the Oak Ridge National Laboratory had to separate from the Internet because some entity–China would be a good candidate–had hacked the lab and was downloading data from their servers. Now seems a really stupid time to stop reporting on efforts to avoid such breaches.

In spite of these very obvious reasons, the Senate did indeed eliminate two reporting requirements pertaining to national labs (though they kept the one pertaining to Chinese spying).

(7) REPEAL OF REPORTING REQUIREMENT REGARDING COUNTERINTELLIGENCE AND SECURITY PRACTICES AT THE NATIONAL LABORATORIES.—Section 4507 of the Atomic Energy Defense Act (50 U.S.C. 2658) is repealed.

(8) REPEAL OF REPORTING REQUIREMENT REGARDING SECURITY VULNERABILITIES OF NATIONAL LABORATORY COMPUTERS.—Section 4508 of the Atomic Energy Defense Act (50 U.S.C. 2659) is repealed.

I’m glad I waited. Now I can use this story to demonstrate how vulnerable our nuclear labs remain.

The U.S. government’s only facility for handling, processing and storing weapons-grade uranium [Oak Ridge National Lab] was temporarily shut this week after anti-nuclear activists, including an 82-year-old nun, breached security fences, government officials said on Thursday.

[snip]

The activists painted slogans and threw what they said was human blood on the wall of the facility, one of numerous buildings in the facility known by the code name Y-12 that it was given during World War II, officials said.

While moving between the perimeter fences, the activists triggered sensors which alerted security personnel. However, officials conceded that the intruders still were able to reach the building’s walls before security personnel got to them.

When James Clapper’s office asked to throw these reports out, they justified it by saying they could just brief the information rather than report it regularly.

This reporting requirement should be repealed because it is over a decade old and the Secretary of Energy and the National Counterintelligence Executive can provide the information requested through briefings, as requested, if congressional interest persists.

Oak Ridge Lab has been breached twice in two years, once via its computer systems and now physically. I’m sure Congress will be getting a slew of briefings about the lab, but it really does seem like a little reporting requirement might help DOE to take this seriously.

Senate Moves to Hide Our Secret Government

/10 Comments/in /by

A few weeks ago, the fact that there are now 4.8 million people in the US with security clearances got a fair amount of attention. 1.5% of our country has access to at least information classified as secret. The job security of most of those people depends on maintaining good standing in the somewhat arbitrary world of security clearance.

The Senate Intelligence Committee wants to make sure we don’t learn that number anymore.

In the Intelligence Authorization, it just eliminated the requirement for that report.

(3) REPEAL OF REPORTING REQUIREMENTS REGARDING SECURITY CLEARANCES.—

(A) IN GENERAL.—Section 506H of the National Security Act of 1947 (50 U.S.C. 415a–10) is repealed.

(B) TABLE OF CONTENTS AMENDMENT.— The National Security Act of 1947 (50 U.S.C. 401 et seq.) is amended in the table of contents in the first section by striking the item relating to section 506H.

The language this bill would repeal reads, in part,

(b) Report on Security Clearance Determinations.–

(1) Not later than February 1 of each year, the President shall submit to Congress a report on the security clearance process. Such report shall include, for each security clearance level–

(A) the number of employees of the United States Government who–

(i) held a security clearance at such level as of October 1 of the preceding year; and

(ii) were approved for a security clearance at such level during the preceding fiscal year;

(B) the number of contractors to the United States Government who–

(i) held a security clearance at such level as of October 1 of the preceding year; and

(ii) were approved for a security clearance at such level during the preceding fiscal year;

When ODNI requested the elimination of this report in June, arguing that since the government has caught up on the backlog approving security clearances, it suggested there is no more reason to track this information. If Congress still cares how big our secret government has gotten, ODNI says, they can get briefings.

Justification: Section 506H includes two enduring reporting requirements. The requirement for a quadrennial audit of positions requiring security clearances should be repealed because the National Counterintelligence Executive, in partnership with other agencies with similar responsibilities, examines the manner in which security clearance requirements are determined more frequently than once every four years. Rather than submit a report regarding a quadrennial activity, the executive branch can provide more frequent briefings, as requested, if congressional interest persists.
With regard to the annual reporting requirement on security clearance determinations, the Executive Branch as a whole has made significant progress in expediting and streamlining the security clearance process since the passage of the Intelligence Reform and Terrorism Prevention Act, thus reducing the saliency of this report. This reporting requirement should be replaced by briefings, as requested, if congressional interest persists.

I guess “giving citizens a hint of the size of their secret government” has nothing to do with why this report was considered salient.

This is crazy. As our secret government continues to metastasize, and as those who hold clearances are subjected to an increasingly arbitrary system of control (which I’ll discuss in a later report), the Senate Intelligence Committee has moved to hide the one report that gives us a sense of how big the secret government really is (and how much of our secret government consists of contractors).

 

Why Are FAA Boosters Satisfied with Inadequate Oversight?

/8 Comments/in /by

Julian Sanchez hosted a Cato event yesterday that examined surveillance generally and the FISA Amendments Act specifically. At it, Ron Wyden presented his concerns about the FISA Amendments Act and other surveillance, and then ACLU’s Michelle Richardson and NYT’s Eric Lichtblau added their own views.

There was one question asked during the question period claiming that the program undergoes adequate reviews. The questioner was Georgetown’s Director of National Security Studies, Carrie Cordero, who had a role on FISA implementation until 2010, who has now reprised and expanded her comments at Lawfare.

She starts by addressing Wyden’s request that DNI to tell Congress how many Americans have had their communications “collected or reviewed.”

In particular, they have, in a series of letters, requested that the Executive Branch provide an estimate of the number of Americans incidentally intercepted during the course of FAA surveillance. According to the exchanges of letters, the Executive Branch has repeatedly denied the request, on the basis that: i) it would be an unreasonable burden on the workforce (and, presumably, would take intelligence professionals off their national security mission); and ii) gathering the data the senators are requesting would, in and of itself, violate privacy rights of Americans.

The question of whether the data call itself would violate privacy rights is a more interesting one. Multiple oversight personnel independent of the operational and analytical wings of the Intelligence Community – including the Office of Management and Budget, the NSA Inspector General, and just last month, the Inspector General of the Intelligence Community, have all said that the data call requested by the senators is not feasible. The other members of the SSCI appear to accept this claim on its face. Meanwhile, Senator Wyden states he just finds the claim unbelievable. [my emphasis]

Note, first of all, that she mischaracterizes Wyden’s request. He asked about US person communication that had been “collected or reviewed,” whereas she claimed he was asking only about incidental interception. Those are different things, and what Wyden’s interested in is far more invasive than simply having your communications sitting in a data warehouse in UT unread.

That’s important because Cordero treats one aspect of the DNI IG’s response–the privacy claim–as an “interesting question,” but then she proceeds to not answer the question. She instead reverts back to what she had correctly portrayed as NSA’s claim that NSA didn’t have the capacity because it would be “unreasonable burden on the workforce,” then asks why Wyden doesn’t believe that claim.

Remember, the privacy claim was raised solely in terms of whether the NSA’s Inspector General could conduct a review, not whether NSA analysts should be pulled off reviewing intercepts to find out how many of them are Americans. So if that claim is not credible–and ultimately, she doesn’t say it is–then NSA IG’s sole remaining rationale is a manpower one.

Frankly, if it would take that much manpower to come up with an answer, it says the program isn’t being tracked adequately.

Cordero then gets to the jist of a comment she made at the hearing: that there are a bunch of reviews which provide adequate oversight.

Meanwhile, the assertion of today’s program’s title that the FAA enables “mass spying without accountability,” is debunked by the SSCI’s own report issued on June 7. The intelligence committees have been on the receiving end of a mountain of reports describing FAA activities, the FISA Court’s reviews, and the Executive Branch’s own compliance reviews. The SSCI report, and the additional written views of Senator Feinstein (D-CA), the Committee’s Chair, states that the statutorily-mandated reporting requirements “provide the Committee with extensive visibility into the application of…minimization procedures,” and have enabled the Committee to conduct “extensive” and “robust” oversight. The report goes on to detail all of the different categories of reports and briefings that have been provided to the Committee to facilitate their oversight role, in accordance with the National Security Act of 1947, as amended. [my emphasis]

Cordero claims that the SSCI report and DiFi’s additional reviews boast about reporting requirements. But only the word “extensive” appears in the report approved by SSCI as a whole, and it appears to simply repeat language from an appendix Eric Holder and James Clapper provided. The rest comes from this paragraph:

Third, the numerous reporting requirements outlined above provide the Committee with extensive visibility into the application of these minimization procedures and enable the Committee to evaluate the extent to which these procedures are effective in protecting the privacy and civil liberties of U.S. persons. Read more

Ron Wyden to Dianne Feinstein: Pants on Fire

/13 Comments/in /by

While the language about the FISA Amendments Act that Ron Wyden just got James Clapper to clear for release (first reported by Spencer Ackerman) doesn’t exactly call Dianne Feinstein a liar, it comes close.

Wyden got the following three statements cleared:

  • A recent unclassified report noted that the Foreign Intelligence Surveillance Court has repeatedly held that collection carried out pursuant to the FISA Section 702 minimization procedures used by the government is reasonable under the Fourth Amendment.
  • It is also true that on at least one occasion the Foreign Intelligence Surveillance Court held that some collection carried out pursuant to the Section 702 minimization procedures used by the government was unreasonable under the Fourth Amendment.
  • I believe that the government’s implementation of Section 702 of FISA has sometimes circumvented the spirit of the law, and on at least one occasion, the FISA Court has reached this same conclusion. [my emphasis]

The unclassified report in question is the Senate Intelligence Committee’s report from the FISA Amendments Act extension mark-up.

Third, the numerous reporting requirements outlined above provide the Committee with extensive visibility into the application of these minimization procedures and enable the Committee to evaluate the extent to which these procedures are effective in protecting the privacy and civil liberties of U.S. persons. Notably, the FISA Court, which receives many of the same reports available to the Committee, has repeatedly held that collection carried out pursuant to the Section 702 minimization procedures used by the government is reasonable under the Fourth Amendment. [my emphasis]

The passage in question comes from DiFi’s additional views.

With this declassified language, Wyden is making clear how incomplete DiFi’s claims about the law are.

But don’t worry, James Clapper’s office says. They’ve rectified the problems. Of NSA violating minimization requirements, that is, not of the Senate Intelligence Committee Chair making grossly misleading comments to push for passage of the extension.

Lamar Smith’s Futile Leak Investigation

/4 Comments/in , , , , , /by

Lamar Smtih has come up with a list of 7 national security personnel he wants to question in his own leak investigation. (h/t Kevin Gosztola)

House Judiciary Committee Chairman Lamar Smith, R-Texas, told President Obama Thursday he’d like to interview seven current and former administration officials who may know something about a spate of national security leaks.

[snip]

The administration officials include National Security Advisor Thomas Donilon, Director of National Intelligence James Clapper, former White House Chief of Staff Bill Daley, Assistant to the President for Homeland Security and Counterterrorism John Brennan, Deputy National Security Advisor Denis McDonough, Director for Counterterrorism Audrey Tomason and National Security Advisor to the Vice President Antony Blinken.

Of course the effort is sure to be futile–if Smith’s goal is to figure out who leaked to the media (though it’ll serve its purpose of creating a political shitstorm just fine)–for two reasons.

First, only Clapper serves in a role that Congress has an unquestioned authority to subpoena (and even there, I can see the Intelligence Committees getting snippy about their turf–it’s their job to provide impotent oversight over intelligence, not the Judiciary Committees).

As for members of the National Security Council (Tom Donilon, John Brennan, Denis McDonough, Audrey Tomason, and Antony Blinken) and figures, like Bill Daley, who aren’t congressionally approved? That’s a bit dicier. (Which is part of the reason it’s so dangerous to have our drone targeting done in NSC where it eludes easy congressional oversight.)

A pity Republicans made such a stink over the HJC subpoenaing Karl Rove and David Addington and backed Bush’s efforts to prevent Condi Rice from testifying, huh?

The other problem is that Smith’s list, by design, won’t reveal who leaked the stories he’s investigating. He says he wants to investigate 7 leaks.

Smith said the committee intends to focus on seven national security leaks to the media. They include information about the Iran-targeted Stuxnet and Flame virus attacks, the administration’s targeted killings of terrorism suspects and the raid which killed Usama bin Laden.

Smith wants to know how details about the operations of SEAL Team Six, which executed the bin Laden raid in Pakistan, wound up in the hands of film producers making a film for the president’s re-election. Also on the docket is the identity of the doctor who performed DNA tests which helped lead the U.S. to bin Laden’s hideout.

But his list doesn’t include everyone who is a likely or even certain leaker.

Take StuxNet and Flame. Not only has Smith forgotten about the programmers (alleged to be Israeli) who let StuxNet into the wild in the first place–once that happened, everything else was confirmation of things David Sanger and security researchers were able to come up with on their own–but he doesn’t ask to speak to the Israeli spooks demanding more credit for the virus.

Read more