Anonymity, sources and spies

This post part of a series:

In the wake of recent large-scale leaks of classified information from current and ex-employees of the U.S. government, media practitioners have begun to acquire, process, analyze, and disseminate intelligence by publishing it in full or redacted form.

Within this ecosystem, media practitioners are collecting, vetting, analyzing, and disseminating intelligence from confidential human sources.

Those sources (in specific instances) could be described as unilaterally acting ideological defectors from within the Intelligence Community. They may be motivated, for example, by their own patriotism or hacktivism, and/or they may be potential witting or unwitting pawns of foreign intelligence services.

They can also be considered state or state-supported actors themselves, even if acting unilaterally at first.

In 2010, for example, WikiLeaks, El Pais (Spain), Der Spiegel (Germany), Le Monde (France), The Guardian (U.K.), and The New York Times published U.S. Department of State diplomatic cables (COMINT) that a junior army military intelligence analyst had stolen while deployed in Iraq.

Beginning in 2013, The Guardian, Der Spiegel, the Washington Post, the Intercept, WikiLeaks, and other German and New Zealand news outlets published documents and information detailing the U.S. National Security Agencys (NSA) and the U.K.s Government Communications Headquarters’ (GCHQ) SIGINT capabilities and COMINT that was either stolen by ex-NSA contractor, Edward Snowden, or, in addition respectively, by someone else, who analysts suspect is an unidentifiedsecond source.’



The ‘Second Source’

The first presumed leak by a so-called ‘second-source‘ was a purported tasking order for foreign surveillance of German Chancellor Angela Merkel, published about in October 2013.

It was “not an authentic NSA interception order, nor is it from an NSA database,” but rather a transcription, notes Electrospaces.

The second presumed leak by a so-called ‘second source’ was a 50-page Top Secret Advanced Network Technology (ANT) Division product catalogue from then NSA’s Tailored Access Operations (TAO) unit, as well as other materials related to methods the Intelligence Community reportedly uses to hack computers.

A Der Spiegel article, containing the ANT catalogue, was published concurrently with a presentation in December 2013 at the 2013 Chaos Communication Congress in Hamburg, Germany by Jacob Appelbaum.

Then, in 2014, a third published leak, attributed by some to the so-called ‘second source,’ revealed alleged NSAs targeting selection rules.

Because of a similarity in the provenance of the materials leaked in 2013 and 2014, Electrospaces proposes the question: whether the ‘second source’ is associated with The Shadow Brokers, a mysterious online group that appeared in 2016 and went on to publish exploits and vulnerabilities reportedly used by the NSA’s TAO unit to conduct foreign surveillance and espionage.



Non-attributed Sources

Ethics guidelines generally caution journalists about the use of unnamed sources.

Given the growing prevalence of anonymous submission systems, is it ethical to ignore or otherwise not know the identity or motives of one’s sources, especially in light of recent judgements about foreign influence operations, such as Russia’s role in disseminating hacked COMINT from the information systems of a major U.S. political party during the 2016 presidential campaign?

How do media organizations avoid manipulation by anonymous sources, who may be ideologically motivated, or agents of foreign powers or other hostile actors

The U.S. Department of Justice has argued that leaks to the press are a “greater threat to society” than when spies sell classified information to a foreign government, because “every foreign adversary stands to benefit,” according to documents in the espionage prosecution of Jeffrey Sterling, a ex-CIA employee convicted of leaking classified information to a reporter at the New York Times.

As discussed yesterday, while the U.S., Russia, and China “still clearly lead in cyber-focused financial resources and manpower, there has been a significant rise of less well known nation-states due to the release of advanced exploits leaked [by The Shadow Brokers and Wikileaks] in recent years and available reverse engineering,” according to a recent empirical analysis by DarkOwl.

The leaks of NSA and CIA cyber-tools specifically “offered formerly less-powerful nations the ability to reframe themselves as power players and gain influence that was previously unattainable to them,” DarkOwl concludes.

Perhaps more critically, “closed societies now have the edge over open ones. It has become harder for Western countries to spy on places such as China, Iran, and Russia and easier for those countries’ intelligence services to spy on the rest of the world,” writes Edward Lucas, adding that a “gulf is growing between the cryptographic superpowers the United States, United Kingdom, France, Israel, China, and Russia and everyone else.”

But, according to the former The New York Times senior director of security, personal communication, Runa Sandvik, who I interviewed last year, not knowing the identity of a source may also lead to media professionals to undermine a source’s security: for example, when seeking to corroborate the anonymous party’s information.

So, what do media professionals and organizations ethically owe sources, the public, their governments, and the international community? And, does technical anonymity and privacy alone preserve the natural rights of individuals, and society itself?

Tomorrow, I will continue this series by exploring the notion and theory behind ‘statelessness’ and the proposed ‘state of nature’ of the global information and media economy.

This post part of a series: