Of all the questions Edward Snowden raised by leaking reams of classified materials to the Washington Post and The Guardian newspapers, why and how a person with his experience and responsibilities had access to what appears to be an enormous array of classified information are two of the biggest.
Snowden famously claims that in his technical roles at NSA, he had access to the intelligence community’s most tightly held secrets — “full access to the rosters of everyone working at the NSA, the entire intelligence community, and undercover assets all around the world, the locations of every station we have, what their missions are and so forth” — in addition to the power to shut down powerful collections systems over the course of several hours.
Snowden also claimed to be able to wiretap virtually anyone. “I, sitting at my desk, certainly had the authorities to wiretap anyone from you or your accountant to a federal judge to even the president if I had a personal email,” he told the Guardian.
A former top lawyer at the NSA and CIA dismissed Snowden’s claim as a “complete and utter” falsehood. “First of all it’s illegal,” Robert Deitz told the Los Angeles Times. “There is enormous oversight. They have keystroke auditing. There are, from time to time, cases in which some analyst is [angry] at his ex-wife and looks at the wrong thing and he is caught and fired,” he said.
But even if he exaggerated or lied about how porous the system is, the nature of the counterintelligence investigation to determine both the extent of his knowledge and access, and, more tellingly, why he had access to some of the things he actually leaked, suggests he genuinely had more visibility than his clearance entitled him to have.
According to the Post, investigators are “working with the NSA and others around the intelligence community to understand exactly what information this individual had access to, and how that individual was able to take that information outside the community.”
Former NSA inspector general Joel Brenner told the Post the investigation should center on why Snowden had, in his words, “access to such a startling range of information.”
The nature of the information that has been disclosed in the press thus far points to the conclusion that Snowden leaked both materials an NSA system administrator might understandably have access to, and materials that should only have been available to handfuls of high-ranking agency officials.
“What was disclosed was not particular collection operations in detail, but more the kind of authorizing documents, and in one case a briefing … describing in more general terms what the nature of the collection program was,” former intelligence officer Paul Pillar told TPM. “It doesn’t surprise me that someone who was supposed to be providing technical contract expertise [had access] to that kind of program.”
In other words, as far as we know, based on what’s been published, Snowden had visibility into the existence of programs and the legal authorizations for them, but not the data and metadata those programs are designed to collect.
But that doesn’t account for two different facts. First, Snowden and reporters at both The Guardian and The Washington Post claim he leaked significantly more than what’s been disclosed, and much of it will remain unpublished because it is simply too sensitive. Second, one of the documents he leaked — a secret court order renewing the NSA’s authority to collect huge amounts of phone company metadata — probably isn’t intended to be available to tech guys like Snowden.
A former NSA official told the Post that “maybe 30 or maybe 40” people at the entire agency should have had access to that document.
But it’s possible that the intelligence community itself, which has erected strong incentives against allowing security failures and imposes huge penalties again leakers, grew too sanguine about the likelihood of a major leak, and thus allowed compartmenting walls to crumble.
“Companies like Booz [Allen Hamilton] know damn well, and that’s why it’s one of the biggest embarrassment’s in the company’s history, that they have to maintain secrecy for their government clients,” Pillar said.