General Michael Hayden is no stranger to government — or to your data. As the former director of the NSA and the CIA, he oversaw controversial surveillance programs and had authority over some of the government’s most closely kept secrets. Since he retired from his post at the CIA in 2009, Hayden has worked with a security consulting firm run by former secretary of the Department of Homeland Security, Michael Chertoff.
At Disrupt NY 2016 today, Hayden sat down with our own Matt Burns to discuss the recent debate in Congress over reforming a portion of the Foreign Intelligence Surveillance Act (FISA), Section 702, which authorizes the collection of Internet traffic by the NSA. He also shared his thoughts on both parties’ presumptive presidential nominees, Donald Trump and Hillary Clinton, and discussed the Edward Snowden disclosures that forced his former agency into the public eye.
Section 702 is set to expire at the end of next year, and Congress has begun the process of deciding whether to renew it as written or to make changes to it. During a Senate Judiciary Committee hearing yesterday, senators questioned national security officials and civil liberties advocates about whether Section 702 should be modified to require NSA and FBI analysts to obtain a warrant before querying their massive databases for information about Americans.
Hayden called the warrant question “a no-fooling legitimate issue.”
“That’s a legitimate discussion we should have,” Hayden said. But he also defended the surveillance conducted under the authority of Section 702, pointing out that the NSA’s collection of Internet traffic is permitted under generalized warrants given through the FISA court. He reiterated the NSA’s usual defense of 702 surveillance — that Americans’ data is only incidentally collected when analysts are seeking information of overseas targets.
Surveillance under 702 is supposed to be focused primarily on suspects in terrorist organizations, but privacy and civil liberties watchdogs have cautioned that the 702 requirements are so broad that many Americans’ communications are also collected by the NSA. How many Americans are vulnerable isn’t easily apparent — Congress has been asking intelligence agencies to disclose how many times they query Americans’ information for years with no success.
Hayden defended the NSA’s reluctance to detail how often it queries the database for information about Americans, claiming that releasing these statistics would result in greater harm to Americans’ privacy.
“For Jim [James Clapper, the Director of National Intelligence] to answer the question would require him to go through the collection and tally up all of the incidental collection, even if the collection has never been touched before,” Hayden said. He added that tallying the number of Americans whose data has been accessed would require putting those Americans’ emails and data under the scrutiny of analysts for a second time.
He said that such a tally would “squeeze privacy” but added that it might be worthwhile in order to satisfy critics of the collection program.
Soon, the presidential candidates will begin receiving classified briefings from the CIA, one of Hayden’s former agencies. Hayden expressed skepticism over Trump’s and Clinton’s ability to handle the classified information safely.
“When candidate Trump gets that first briefing, he will be introduced to problems infinitely more complex than any real estate deal he has ever encountered,” Hayden said. Staying true to his background as an analyst, he wondered if the new requirements on Trump to deal with complex issues would inspire new behavior.
But Hayden didn’t sound very optimistic about Trump’s ability to handle the nation’s security. He said Trump’s national security understanding is at “a level of sophistication that’s a half-a-level below bumper stickers,” and reiterated that Trump’s discussion of keeping Muslims out of the country provided fodder to jihadist narratives.
Hayden didn’t mince words when it came to Clinton, either, referring to her decision to operate her own email server out of her home as the “original sin.”
“Guccifer says he’s been inside of it,” Hayden remarked, name-dropping the Romanian hacker who originally exposed Clinton’s use of a private server. “I would lose respect for scores of foreign intelligence agencies around the world if they were not already thumbing through all the emails stored on that server,” Hayden said. (We assume he meant that intelligence agencies had hacked Clinton’s server — at this point, the majority of Clinton’s emails have been made public and anyone can thumb through them.)
Hayden picks Apple
Although it may surprise those who have followed the FBI’s battle with Apple over encryption, Hayden has broken ranks with his colleagues in government and consistently backed Apple in the debate.
“It doesn’t matter what [FBI Director James] Comey says, it doesn’t matter what Congress says,” Hayden said, explaining that the progression of strong encryption is inevitable. “The arc of technology is in the direction of unbreakable encryption and no laws are going to get in the way of that reality,” he added.
For law enforcement agencies like the FBI, which have lobbied Congress and fought pitched court battles over access to encrypted data, Hayden had a piece of advice: forget about decrypting content. “My advice is, get over it. There’s still a lot of things you can legitimately do to make America safe through electronic surveillance,” Hayden said.
Instead of pursuing content, Hayden suggested that law enforcement agencies turn to metadata. Hayden, who has previously said that the American military kills people based on metadata, said that such information is a ripe area of investigation for law enforcement.
[gallery columns="5" ids="1321419,1321418,1321417,1321416,1321415,1321414,1321407,1321406,1321405,1321404"]