Parliamentary oversight of security and intelligence agencies in the EU

One of the reasons for the lack of posts on this blog the past months is that I co-authored this large study (446 pages), together with Aidan Wills, for the European Parliament’s Civil Liberties, Justice and Home Affairs Committee (LIBE). The study came out today, and also includes a number of attachments written by national intelligence oversight bodies.

Abstract: This study evaluates the oversight of national security and intelligence agencies by parliaments and specialised non-parliamentary oversight bodies, with a view to identifying good practices that can inform the European Parliament’s approach to strengthening the oversight of Europol, Eurojust, Frontex and, to a lesser extent, Sitcen. The study puts forward a series of detailed recommendations (including in the field of access to classified information) that are formulated on the basis of indepth assessments of: (1) the current functions and powers of these four bodies; (2) existing arrangements for the oversight of these bodies by the European Parliament, the Joint Supervisory Bodies and national parliaments; and (3) the legal and institutional frameworks for parliamentary and specialised oversight of security and intelligence agencies in EU Member States and other major democracies.

We will present the study at the LIBE Committee at 15h on Monday the 3d of October. An Interparliamentary Committee Meeting on  “Democratic Accountability of the Internal Security Strategy and the Role of Europol, Eurojust and Frontex” will be held on Wednesday 5 October from 15.00 to 18.30 and on Thursday 6 October from 9.00 to 12.30 in the Hemicycle of the Paul-Henri Spaak building of the European Parliament as well, which is open to the public. You can register for this meeting until the 29th of September.

Dennis Blair: US intel relationship with brutal countries damages national interest

Quote from the NY Times

Dennis C. Blair, the former top American intelligence official, said that while spy services in places like Libya and Egypt were cooperating with the United States against Al Qaeda, they were “aggressively and sometimes brutally suppressing dissent in their own countries.”

“Not only did these intelligence relationships interfere with our ability to understand opposition forces, but in the eyes of the citizens of those countries they often identified the United States with the tools of oppression,” said Mr. Blair, who served until last May as President Obama’s director of national intelligence. He added that the recent uprisings offer an opportunity to “align our intelligence relationships with our national values.”

A C.I.A. spokesman declined to comment about the agency’s ties to foreign intelligence services. But Michael Scheuer, who spent two decades at the C.I.A. in counterterrorism operations, said it was absurd to believe that such work could be done without the help of unpalatable allies.

“Foreign policy and intelligence doesn’t have anything to do with values,” Mr. Scheuer said. “It has to do with material interests and security. We would be blind in most of the world if we only dealt with Rebecca of Sunnybrook Farm.”

Tightening links between the external and internal aspects of EU security

A note from the Hungarian EU presidency to the Standing Committee on operational cooperation on internal security (COSI) describes the desires of the Presidency to tighten the links between the external and internal aspects of EU security.  On the list is:

* Enhancing the exchange of personal and strategic information and criminal intelligence between EU civilian crisis management missions and relevant EU agencies, namely Europol, Eurojust and Frontex. How can data-sharing be enhanced in a context where civilian CSDP missions have no legal personality, information is often classified, Frontex is not allowed to exchange personal data, and only some of Europol’s formal agreements with third countries extend to the sharing of personal data?

* Involving JHA actors, including COSI and the relevant agencies in the early phase of the planning process, during the conduct and the review process of EU civilian crisis management missions including lessons learned. What are the main political and legal barriers that prevent FSJ actors from contributing to the planning and monitoring of CSDP civilian missions in third countries? How can FSJ actors be involved in the drafting of Crisis Management Concepts (CMC) and Concepts of Operations (CONOPS)?

* Integrating threat and risk assessments supplied by a variety of actors. The EU has anexcellent opportunity to utilise its current resources; crisis management missions, both civilian and military, have been developing their analysis capabilities, and it is suggested developing a toolkit to support the implementation of an ILP process in host countries where civilian CSDP missions are deployed. How can the various intelligence products supplied by specialised actors and agencies, such as SITCEN’s country and thematic reports, EUROPOL’s (S)OCTAs and TE-SAT reports, FRONTEX’s risk assessments and the Mission Analytical Capabilities’ (MAC) assessments, be streamlined so that actors dealing with the internal and externalaspects of European security have access to the relevant information? How does the confidentiality of reporting affect actors’ access to such products?

* Advocating the interests of CSDP and FSJ actors in the EU’s changing data protection landscape. Article 16 of the TFEU on data protection applies fully to the former first and third pillars, i.e. the internal market and police and judicial cooperation in criminal matters, but it only partially covers the CFSP area, including the CSDP. Europol, Eurojust and Frontex have their own data protection supervisory mechanisms. In view of the Commission’s intention to issue in 2011 a proposal on a comprehensive new legal framework on the protection of personal data in the EU, how will the EU’s changing legal landscape affect the exchange of personal data between CSDP and JHA actors?

Another note from the General Council secretariat to COSI includes an interesting report on the cooperation between JHA agencies in 2010. The agencies prepared a report focusing on ‘future cooperation and improvements’ in 2010, and used a scorecard to implement the provisions of this report.

The scorecard includes some interesting potential points of further cooperation, especially from the point of sharing of classified information between agencies.

1. Exploring the possible use of the secure communication link between Eurojust and Europol for the exchange of information between Eurojust national desks and Europol Liaison Bureaux. Eurojust is now exploring the possibility of exchanging information directly via a SIENA account. Europol offered Eurojust the possibility to install mailboxes for 27 Liaison Bureaux for Eurojust’s direct information exchange via SIENA.

2. Undertaking the necessary steps for a possible exchange of classified information above the level of ‘restricted’. In this context progress has been made between Europol and Eurojust to agree on a table
of equivalence to exchange classified information above the level of ‘EU

3. Frontex is implementing a Secure Area Network for up to the level of EU RESTRICTED, which is foreseen to implement the handling of classified information as of beginning of 2011. Once the network is stable and all the relevant applications are installed, the next step is to interconnect the network with Member States and third parties, such as Europol, which is foreseen to be fully available by May 2011. Europol has suggested Frontex consider the possibility of becoming part of, or that they make use of, the existing accredited Europol network, which provides a secure communication channel with Member States.

Frontex was subject to an EC/Council security inspection in September 2010: The exchange of information at level RESTRICTED can be permitted between SGC and Frontex or EC and Frontex. The fact that Frontex has implemented all the security measures to properly process RESTRICTED information was recognised by Europol even at an earlier stage. The cooperation agreement between Europol and Frontex, signed on 29 March 2008, approves the exchange of classified information at a RESTRICTED level.

Exchange of CONFIDENTIAL or above should only be envisaged after the recommendations are implemented. Recommendations were accepted by Frontex and are in the implementation phase. Frontex expects to be ready for the second EC/Council security inspection at the beginning of 2011. The outcome of the inspection may be used for concluding an agreement with Europol for exchanging classified information at level CONFIDENTIEL UE or higher.

Former CIA and NSA heads on the ‘the need to know’, Wikileaks and increased information sharing

Michael Hayden and Samuel Visner have an open-ed in the Baltimore sun in which they defend wider information sharing, if aided by sound security practices and advanced technology to protect information

Vital information sharing need not be a victim of WikiLeaks.

The principle of “need to know” requires segmenting information according to sensitivity and topic. Sharing must strike a balance between protecting security and fostering collaboration across all levels of government and, often, the private sector.

Striking multiple balances is necessary to protect and share sensitive information. Tactical military field units have little need for diplomatic communications, but they do require real-time access to searchable data from multiple government agencies, such as to tell if someone at a road checkpoint is a person of interest. Sensitive information has long been shared among agencies based on “need to know” but without being dumped into vast, poorly monitored databases. Government data on American citizens merits strong privacy protection, but under proper authorities, information sharing with law enforcement makes sense — if this helps uncover foreign espionage or terrorist plans.

Balance is also required in security measures. Disabling thumb and DVD drives on computers averts some kinds of information theft, but on the battlefield it could harm operational effectiveness. Imposing administrative security requirements common to intelligence headquarters or national agencies, such as polygraph exams, on all personnel in military field units would prove unacceptably burdensome.

In striking better balances, we cannot forget the post-Sept. 11 reasons why sharing became a higher priority. Uncovering and foiling terrorist threats requires that many entities work together and share information — often our best weapon.

Thus, policy on information sharing and security should improve along three paths:

•Personnel security. If Army Private Bradley Manning — suspected of leaking the WikiLeaks documents — had psychological problems, as alleged, should he have had access to sensitive information? When indications merit, personnel should undergo psychological testing to assess vulnerabilities that might raise security risks. Personnel clearances ought to be based on the type of information to which a person has access, not — as now — according to which agency employs someone.

•Security procedures. Although some “insider threats” arise from malicious intent, nearly all are abetted by sloppy execution of routine security procedures or perceptions that they are bothersome or unimportant. National security organizations should elevate security as a management priority, enforce rules more consistently and offer better training.

•Cyber tools. Cybersecurity techniques can detect much anomalous behavior, such as downloading, copying or printing numerous documents, seeking to access information in unusual ways or information not normally accessed, and transferring sensitive information to others. That such tools were not employed on the battlefield in Afghanistan is understandable but in retrospect imprudent.

More advanced cyber tools are being developed, such as to sift through huge volumes of seemingly disparate data and correlate findings. This need is a key lesson from the 2009 Christmas Day bombing attempt. New tools must address potential threats from mobile devices and social media and better detect and resolve suspicious exfiltrations. Improving analytic tools to better understand global information environments and characterize the behavior of systems remains a pressing challenge.

Reacting to the WikiLeaks disclosures by clamping down on information-sharing would risk failing to detect hard-to-predict or increasingly diverse threats. More prudent is to employ sound security practices and advanced technology while leveraging the advantages of information sharing and collaboration. National security and technology professionals have worked hard to gain these advantages, and they ought not to be hastily discarded.

Will Lord Goldsmith become the UK equivalent of John Yoo?

Afua Hirsch seems to suggest so in her comment is free article in The Guardian:

As the Guardian revealed yesterday, the UK authorities relied on Bangladeshi intelligence despite well-documented accounts of their use of torture. The then home secretary Jacqui Smith flew to Dhaka for face-to-face meetings with the Bangladeshi authorities. Not only did the likelihood that suspects were being tortured not deter those meetings, it was apparently never even mentioned.

Complicity in torture is of course one of many violations of international law associated with the invasion of Iraq and the interrogation of detainees that followed. So again, it is right to focus not only on the politicians who ordered the invasion, but also the government lawyers who pronounced on its legality. In these terms, the most obvious culprit for having approved the legality of the war itself is Lord Goldsmith, Tony Blair’s attorney-general, whose advice notoriously changed in the run-up to invasion. This issue is far from resolved and is bound to arise again this Friday when Blair is recalled to the Chilcot inquiry. Even those familiar with the details of the Blair-Goldsmith relationship confess to being in a state of confusion about Goldsmith’s latest statement this week.

New JSOC centre must oversee growing use of special anti-terrorism operations

AP reports that the Obama administration has ramped up its secret war on terror groups with a new military targeting center to oversee the growing use of special operations strikes against suspected militants in hot spots around the world.

Run by the U.S. Joint Special Operations Command, the new center would be a significant step in streamlining targeting operations previously scattered among U.S. and battlefields abroad and giving elite military officials closer access to Washington decision-makers and counterterror experts, the officials said.

The center aims to speed the sharing of information and shorten the time between targeting and military action, said two current and two former U.S. officials briefed on the project. Those officials and others insisted on condition of anonymity to discuss the classified matters.

The new center is similar in concept to the civilian National Counterterrorism Center, which was developed in 2004 as a wide-scope defensive bulwark in the wake of the Sept. 11, 2001 attacks to share intelligence and track terrorist threats.

But the new military center focuses instead on the offensive end of counterterrorism, tracking and targeting terrorist threats that have surfaced in recent years from Pakistan to Yemen and Somalia and other hot zones. Its targeting advice will largely direct elite special operations forces in both commando raids and missile strikes overseas.

The data also could be used at times to advise domestic law enforcement in dealing with suspected terrorists inside the U.S., the officials said. But the civilian authorities would have no role in “kill or capture” operations targeting militant suspects abroad.

The center is similar to several other so-called military intelligence “fusion” centers already operating in Iraq and Afghanistan. Those installations were designed to put special operations officials in the same room with intelligence professionals and analysts, allowing U.S. forces to shave the time between finding and tracking a target, and deciding how to respond.

At the heart of the new center’s analysis is a cloud-computing network tied into all elements of U.S. national security, from the eavesdropping capabilities of the National Security Agency to Homeland Security’s border-monitoring databases. The computer is designed to sift through masses of information to track militant suspects across the globe, said two U.S. officials familiar with the system.

Several military officials said the center is the brainchild of JSOC’s current commander, Vice Adm. Bill McRaven, who patterned it on the success of a military system called “counter-network,” which uses drone, satellite and human intelligence to drive operations on the ground in Iraq and Afghanistan.

While directly run by JSOC, the center’s staff is overseen by the Pentagon, while congressional committees have been briefed on its operations, officials said.

Over the past year, the numbers of special operations forces and commando raids against militants have surged in Afghanistan. Two strike forces have grown to 12, according to an intelligence official who spoke on condition of anonymity to discuss classified matters.

“We’ve gone from 30-35 targeted operations a month in June 2009 now to about 1,000 a month,” said NATO spokeswoman Maj. Sunset Belinsky. “More than 80 percent result in capture, and more than 80 percent of the time we capture a targeted individual or someone with a direct connection.”

How does it work?

McChrystal’s intelligence chief, Brig. Gen. Michael Flynn, recognized early innovations by special operations forces in the field and then refined the intelligence sharing process among the military into the “counter-network” system.

Under that system, U.S. special operations forces have acted as police crime scene investigators, quickly combing for evidence after capturing or killing their targets. They bring their data back to a team of defense intelligence analysts who work with interrogators questioning captured suspects. Their teamwork, officials said, speeds up the targeting of new terror suspects.

Similarly, the military’s new targeting center near Washington will rely on a steady flow of information and evidence from the field, which will then by analyzed by special operations experts and their civilian counterparts.

A tip from Africa that suspected militants are planning a strike in the United States, for example, would lead to the names of those suspects being fed into the cloud-computing network. The computer would compare the information with U.S. and international border and flight information, mined from the database of watch lists from the Counterterrorism Center, DHS and the FBI.

If the targets surface overseas, for example, in a country such as Somalia, where special operations forces have already staged snatch-and-grab raids against militants, the military forces would likely be chosen to pursue the targets.

But if the suspected militants turned up inside the U.S., the FBI and other domestic law enforcement would take the lead, officials said.

U.S. Intel Hub to Counter Islamism In Spain: Cable

The U.S. Embassy in Madrid proposed setting up an intelligence hub in the northeastern region of Catalonia to counter a “major center of radical Islamist activity,” according to a U.S. cable obtained by WikiLeaks and published Saturday by the newspaper El Pais.

The cable, dated October 2, 2007, said U.S. and Spanish authorities had identified Catalonia as having a “large Muslim Population Susceptible to Jihadist Recruitment” following increased surveillance after the 2004 Madrid train bombings, which killed 191 people.

“Specifically, we propose that our Consulate General in Barcelona become the platform for a multi-agency, jointly-coordinated counterterrorism, anti-crime, and intelligence center,” said the cable, classified secret and apparently authored by then-Ambassador Eduardo Aguirre.