Would You Trust Any Organization That Doesn't Trust 4,000 Of Its Employees? What If It's The NSA?
from the something-wrong-here dept
It's becoming increasingly clear that one of the reasons Edward Snowden was able to access so much secret information -- and walk out of the door with it -- is that the NSA is an organizational mess. A fascinating post by David Ignatius in the Washington Post underlines another way in which the NSA is deeply dysfunctional by any normal standard:
the NSA planned to investigate at least 4,000 of its employees and contractors in 2013, thanks in part to new software that could detect "anomalous" behavior by the workforce.
He goes on to ask an extremely important question:
How do you run an organization where 4,000 of your employees are suspect? I fear that if the NSA tries to impose ever-more stringent controls, this will create even more disgruntled workers and a larger pool of anomalies. A new "Red Scare" may well follow the Snowden revelations, but making every employee a suspect is likely to backfire.
Even the most anodyne of organizations that can't fully trust 4000 of its employees is in big trouble; if it's one that handles some of the most sensitive information in the world, with the potential to save or cost many lives, that lack of trust is a recipe for disaster on a massive scale. And as Ignatius notes, the more the NSA tries to clamp down on people, the more likely it is to create further Edward Snowdens.
Ignatius also points out that the solution is not to close down, but to open up. By reducing drastically the number of things that are deemed secret in the first place, it would be possible to concentrate on protecting just those that really matter:
The beneficiaries in a no-secrets world will be relatively open societies, such as the United States, that are slowly developing a culture of accountability and disclosure for their intelligence agencies, however painful the process may be. The fewer secrets, the less to protect.
Although it's arguable to what extent the US has developed that "culture of accountability and disclosure" for the NSA yet, as President Obama inches towards admitting the scale of the problem here, the rest of the analysis in Ignatius' piece is well-worth reading.