By Jesselyn Radack
It is the leakiest of times in the Executive Branch. [A little over a week ago],Â Wikileaks publishedÂ a massive and, by all accounts genuine, trove of documents revealing that the CIA has been stockpiling, and lost control of, hacking tools it uses against targets. Particularly noteworthy were the revelations that the CIA developed a tool to hack Samsung TVs and turn them into recording devices and that the CIA worked to infiltrate both Apple and Google smart phone operating systems since it could not break encryption. No one in government has challenged the authenticity of the documents disclosed.
We do not know the identity of the source or sources, nor can we be 100% certain of his or her motivations.Â Wikileaks writesÂ that the source sent a statement that policy questions â€œurgently need to be debated in public, including whether the CIAâ€™s hacking capabilities exceed its mandated powers and the problem of public oversight of the agencyâ€ and that the source â€œwishes to initiate a public debate about the security, creation, use, proliferation and democratic control of cyber-weapons.â€
The FBI has already begunÂ hunting down the sourceÂ as part of a criminal leak investigation. Historically, the criminal justice system has been a particularly inept judge of who is a whistleblower. Moreover, it has allowed the use of the pernicious Espionage Actâ€”an arcane law meant to go after spiesâ€”to go after whistleblowers who reveal information the public interest. My client, former NSA senior official Thomas Drake, was prosecuted under the Espionage Act, only to later beÂ widely recognizedÂ as a whistleblower. There is no public interest defense to Espionage Act charges, andÂ courts have ruledÂ that a whistleblowerâ€™s motive, however salutary, is irrelevant to determining guilt.
The Intelligence Community is an equally bad judge of who is a whistleblower, and has a vested interest in giving no positive reinforcement to those who air its dirty laundry. The Intelligence Community reflexively claims that anyone who makes public secret information is not a whistleblower.Â Former NSA and CIA Director General Michael V. Hayden speculatedÂ that the recent leaks are to be blamed on young millennials harboring some disrespect for the venerable intelligence agencies responsible for mass surveillance and torture. Not only is his speculation speculative, but itâ€™s proven wrong by the fact that whistleblowers who go to the press span the generational spectrum from Pentagon Papers whistleblower Daniel Ellsberg to mid-career and senior level public servants like CIA torture whistleblower John Kiriakou and NSA whistleblower Thomas Drake to early-career millennials like Army whistleblower Chelsea Manning and NSA whistleblower Edward Snowden. The lawbreaker does not get to decide who is a whistleblower.
Not all leaks of information are whistleblowing, and the word â€œwhistleblowerâ€ is a loaded term, so whether or not the Vault 7 source conceives of him or herself as a whistleblower is not a particularly pertinent inquiry. The label â€œwhistleblowerâ€ does not convey some mythical power or goodness, or some â€œmoral narcissism,â€ a term used to describe me when I blew the whistle. Rather, whether an action is whistleblowing depends on whether or not the information disclosed is in the public interest and reveals fraud, waste, abuse, illegality or dangers to public health and safety. Even if some of the information revealed does not qualify, it should be remembered that whistleblowers are often faulted with being over- or under-inclusive with their disclosures. Again, it is the quality of the information, not the quantity, nor the character of the source.
Already, the information in the Vault 7 documents revealed that the Intelligence Community has misled the American people. In the wake of Snowdenâ€™s revelations, the Intelligence Community committed to avoid the stockpiling of technological vulnerabilities,Â publicly claimingÂ that its bias was toward â€œdisclosing themâ€ so as to better protect everyoneâ€™s privacy. However, the Vault 7 documents reveal just the opposite: not only has the CIA been stockpiling exploits, it has been aggressively working to undermine our Internet security. Even assuming the CIA is using its hacking tools against the right targets, a pause-worthy presumption given theÂ agencyâ€™s checkered history, the CIA has empowered the rest of the hacker world and foreign adversaries by hoarding vulnerabilities, and thereby undermined the privacy rights of all Americans and millions of innocent people around the world. Democracy depends on an informed citizenry, and journalistic sourcesâ€”whether they call themselves whistleblowers or notâ€”are a critical component when the government uses national security as justification to keep so much of its activities hidden from public view.
As we learn more about the Vault 7 source and the disclosures, our focus should be on the substance of the disclosures. Historically, the governmentâ€™s reflexive instinct is to shoot the messenger, pathologize the whistleblower, and drill down on his or her motives, while the transparency community holds its breath that he or she will turn out to be pure as the driven snow. But thatâ€™s all deflection from plumbing the much more difficult questions, which are: Should the CIA be allowed to conduct these activities, and should it be doing so in secret without any public oversight?
These are questions we would not even be asking without the Vault 7 source.Î¦