This isn’t a huge surprise, but Rep. Dutch Ruppersberger, the NSA’s personal Rep in Congress (NSA HQ is in his district), has announced that he’s bringing back CISPA, the cybersecurity bill designed to make it easier for the NSA to access data from tech companies (that’s not how the bill’s supporters frame it, but that’s the core issue in the bill). In the past, Ruppersberger had a teammate in this effort, Rep. Mike Rogers, but Rogers has moved onto his new career as a radio and TV pundit (CNN just proudly announced hiring him), so Ruppersberger is going it alone this time around.
Not surprisingly, he’s using the Sony Hack as a reason for why this bill is needed:
?The reason I?m putting bill in now is I want to keep the momentum going on what?s happening out there in the world,? Rep. Dutch Ruppersberger… told The Hill in an interview, referring to the recent Sony hack, which the FBI blamed on North Korea.
Fair enough, then perhaps Ruppersberger could explain how CISPA would have prevented the Sony Hack? Of course, he can’t, because it wouldn’t have helped. CISPA is focused on getting companies to share more information with the government (including the NSA and DHS), but there’s no indication that Sony would have actually opened up its network for the NSA to snoop through and find these hackers (wherever they might have come from). Even if Sony had opened up its system to the government, it seems unlikely that the NSA would have magically spotted this hack and done anything about it.
Instead, using the Sony Hack as a hook is a cynical political ploy for a losing idea that is designed to harm the public and take away their privacy.
We’ve already written about the surprising, but encouraging, vote late last night to defund backdoor searches by the NSA. But it’s worth looking at some of the floor debate on the amendment last night — in particular the push against the amendment from Reps. Goodlatte and Ruppersberger, who both appear to flat out admit that the NSA does warrantless spying on Americans’ communications, in direct contrast to earlier claims. The reasons for these two to argue against the amendment are clear. Goodlatte was the guy who negotiated the “deal” with the White House and the House Intelligence Committee to completely water down the USA Freedom Act, and he knows that this amendment puts some of the substance that he stripped out right back in. Ruppersberger, of course, represents the district where the NSA is headquartered, and is the ranking member for the House Intelligence Committee. His loyalty to the NSA over the American public has always been clear. But to have them basically admit that the NSA does warrantless spying on Americans is quite impressive. Here are both of them arguing against the amendment:
Goodlatte kicks it off by whining about how this undoes the “carefully negotiated compromise” in the USA Freedom Act. He leaves out that “carefully negotiated” was what happened after the markup, completely changing the nature of the bill. However, in describing the “existing minimization procedures,” he notes (correctly) that the NSA isn’t supposed to do searches on Americans, but then puts in the all-important “except” which undermines the whole thing and shows that the NSA is (contrary to the law) spying on the communications (not metadata) of Americans:
HR 3361 [the USA Freedom Act] also prohibits the government from using communications to or from a United States person or a person who appears to be located in the United States EXCEPT where the communication relates to a target under Section 702 or to protect against an immediate threat to human life.
Yeah, that’s a pretty big “except.” Remember, the NSA is not supposed to ever look at communications by anyone inside the US or an American citizen abroad without a warrant. Yet, Goodlatte flat out admits that the NSA does exactly that if the communications (again, not just metadata) “relate to a target.” Now, remember, in discussing this how we recently highlighted that “relate to a target” means any communication about a target? In other words, Goodlatte is more or less admitting that if you merely mention Al Qaeda or Osama bin Laden in an email, the NSA has the right to read your email without a warrant. That’s the backdoor search that so many people have been concerned about, which very clearly violates the 4th Amendment’s requirement for a warrant. And here is Goodlatte pretending it’s no big deal.
Goodlatte then notes that the NSA can’t use Section 702 to “target” a US person, but that’s misleading. Because the NSA can collect communications “to” “from” or “about” a target, it means that tons of communications (again, not just metadata) by US persons are being spied on by the NSA entirely without a warrant. And this gets bigger and bigger when the “target” is defined broadly.
Then Ruppersberger jumps in to add his “thoughts” on the amendment. He too flat out lies, and claims that the USA Freedom Act was a one-year process of “carefully considered negotiation and debate.” That’s not even remotely accurate. The original was left to sit and dangle until it appeared that there might be enough support for it, and then frantic negotiations took place to water it down before the markup. Then, after the markup, the White House stepped in and watered it down even further at the very last minute, so that most of those voting on it had no idea what was actually in it, and how it stripped out nearly every thing that “limited” the NSA. Then, he too, admits how it allows for warrantless spying on Americans, by spewing FUD about bomb threats in the US:
It makes our country less safe. It would prohibit the urgent search of lawfully collected information to thwart a bomb threat against a synagogue in Los Angeles, a church in Maryland or the New York Stock Exchange.
In other words, contrary to the claims before, Ruppersberger is directly admitting that it’s used to spy on communications in the US. And, again, it wouldn’t prohibit searches with a warrant, which are (contrary to what some claim) not that difficult to get.
Five minutes later, Goodlatte speaks again, and this time he’s much angrier than before (perhaps having received some advanced warning that this amendment was going to pass overwhelmingly):
He kicks it off by saying that the USA Freedom Act “honors the 4th Amendment.” But then goes on a FUD brigade, listing out a bunch of angry claims about terrorists in the middle east and how they want to attack us. Then there’s the inevitable claims about how “the terrorism threat is growing” (which kind of undermines the claims that all this intelligence has been useful, no?), and ridiculously argues that this amendment “creates a blind spot” for the intelligence community. It does not. It just says that you need to have an actual warrant for spying on the communications of US persons, meaning that they can’t just sweep up every email of every person who obliquely references “a target.” Then, once again, he effectively admits that this is about spying on Americans:
[It would] create an impediment to the government’s ability to locate threat information already in its possession.
This is misleading, but revealing. All the amendment did was say that the NSA can’t do searches on the communications of US persons. The “impediment” is merely making sure that the NSA obeys the law which says it cannot spy on the communications of US persons without a warrant. By arguing that this creates an impediment to “threat information already in its possession,” Goodlatte is admitting that the NSA is collecting communications of Americans without a warrant.
So, yeah, the next time someone argues that the NSA is either (a) not spying on Americans or (b) not spying on the actual content of communications, you might want to point them at these clips, in which two of the bigger NSA defenders have admitted that, in fact, that’s exactly what the NSA does.
So we already wrote about how the House completely watered down the USA Freedom Act to the point that it really does very little, leading basically all of the civil liberties community to withdraw their support for the bill. If you want to know a little more about the politics at play, I highly recommend Jennifer Granick’s explanation, in which she notes the unfortunate reality: this bill no longer ends bulk surveillance at all — and, in fact, appears to authorize some things that were previously considered questionable, such as the NSA’s ability to do “about” searches, rather than just “to” and “from” searches (i.e., rather than just looking for emails from or to a certain person, they want access to emails about that person too).
You may have noticed that while all of the various civil liberties groups have pulled their support — they have not urged lawmakers to vote against this bill. While there is some fairly contentious debates going on over whether or not some of these groups should go that far, they’ve basically been painted into a corner. As Granick notes, if the USA Freedom Act doesn’t pass, something even worse is likely to happen:
Reformers are still reluctant to openly oppose USA Freedom. That’s partially because of the specter of the House Intelligence Committee bill, the FISA Transparency and Modernization Act, which would expand surveillance under the mantle of reform. Privacy groups seem whipsawed between the pale appearance of surveillance reform that is USA Freedom and the actual surveillance expansion that is the Intel bill.
In other words, Reps. Mike Rogers and Dutch Ruppersberger, along with the White House, may have played a game of chess here. They presented their bill, which clearly would make things worse by expanding the NSA’s powers, and used it as a sort of backstop. If a bad USA Freedom Act fails, they’ll try to push their even worse bill through, and much of Congress could just run home to tell angry constituents that they “fixed” the NSA surveillance issue when they really made it worse. They more or less set it up so that people have to accept the lesser of two evils. But neither will do anything to fix the actual problems of the NSA’s overly broad surveillance.
Rep. Dutch Ruppersberger (Md.), the top Democrat on the Intelligence Committee, seemed unconcerned that the privacy activists’ complaints about the changes could lead to a revolt on the House floor.
“This is the way Congress is supposed to work,” he said. “Republicans and Democrats, liberals, conservatives, moderates coming together and finding a way to do things that are right for America.”
But of course, this isn’t all of those groups “coming together” or “finding a way to do things that are right.” It’s the opposite. The original bill, the one that actually fixed many of the problems had tremendous support in Congress. Enough to pass. It was (1) Congressional leadership who first watered it down, followed by (2) the House Intelligence Committee undermining the already watered down agreement (which was agreed to unanimously by both Judiciary and Intelligence committees) with demands to further water it down and (3) the White House putting even more pressure on the House to change the bill even though it already had so much support.
So, rather than all these groups coming together, it’s the opposite. They came together, and were then undermined — and the White House is now happy about this. While it had remained silent on these bills for months, it has suddenly come out in favor of the USA Freedom Act, which was weakened down in large part due to pressure from within the White House itself, which never wanted real surveillance reform in the first place.
The whole thing is fairly typical backroom political wheeling and dealing where it’s the public that gets screwed. Even the tech industry, who has been fairly quiet on the bills has finally woken up to the fact that this bill does nothing to end bulk surveillance. Google, Facebook, Twitter, Linkedin, Dropbox, Microsoft and AOL all pulled their own support of the bill, but it’s not going to matter. Chances are the bill is going to pass.
Folks who are actual supporters of civil liberties are quite reasonably angry about all of this. Rep. Zoe Lofgren took to the floor of the House yesterday to decry the situation, highlighting the sheer insanity of the fact that a bill that is supposedly about increased transparency concerning surveillance was changed in secret away from what was unanimously approved by the House Judiciary Committee (and the House Intelligence Committee), to create something that was less transparent.
Perhaps it’s not so ironic that a bill about transparency would be stripped of the transparency features in a non-transparent process. Rep. Justin Amash has noted that he’s “troubled” by what’s become of the bill — and that “Americans expect Congress to protect their basic rights.” Unfortunately, at this point, he may be overestimating what Americans have come to expect of Congress. We may want them to protect our basic rights, but we’ve increasingly learned not to expect it. In fact, we’re increasingly being taught to expect the exact opposite.
If Congress wants to actually change that impression, and show that it actually wants to “do the right thing” or “protect the basic rights” of the public, it should reject this bill and go back to the drawing board (or even back to the original USA Freedom Act).
On Monday, we noted that two different competing NSA reform bills had started lurching forward in Congress, though in looking through the Manager’s Amendment of the “good” bill, it quickly became clear that it had been very watered down, such that it really wasn’t that “good” any more. Late last night, there was a report coming out that the NSA’s number one defender, Rep. Mike Rogers, was actually much happier with the USA Freedom Act. In other words, it had been watered down so much that even Mike Rogers was willing to say it was a good bill.
In a dramatic change of tone, Rep. Mike Rogers, the chairman of the House Intelligence Committee, praised a bill in the House Judiciary Committee that would sharply curb the National Security Agency’s surveillance powers. His remarks suggest that the powerful lawmaker may be more willing to vote for tougher reforms than previously anticipated.
Rogers and other national security hawks have spent weeks arguing that the USA Freedom Act, the most aggressive NSA reform bill under consideration in Congress, would remove tools that the government needs to track phone calls by foreign terrorists. Rogers, a staunch NSA supporter, is the sponsor of another bill that would codify many of the surveillance practices opposed by privacy advocates, such as the dragnet collection of records.
As we speak, the House markup on the bill is ongoing. However, in a twist, tomorrow’s “competing” markup for the FISA Transparency and Modernization Act — which is Rogers and Rep. Dutch Ruppersberger’s “competing” bill — has now added a markup of the USA Freedom Act to the agenda. That means that a deal has been made, and if Rogers is willing to add USA Freedom to his committee’s schedule, it means that the “deal” is one that favors the NSA and not the public.
That is not to say that the USA Freedom Act does nothing. It actually does a few things to limit the NSA, but really does not tackle the largest problems. There was a lot of good stuff in the earlier version of the bill (which still didn’t go far enough on its own) and now it’s significantly weaker. So, rather than fixing the overall mess, the new USA Freedom Act makes some small fixes while leaving all sorts of problems.
We wrote yesterday about Congress suddenly lurching forward with two competing NSA reform bills: the USA Freedom Act from Rep. Jim Sensenbrenner and the House Judiciary Committee and the FISA Transparency and Modernization Act from Reps. Mike Rogers and Dutch Ruppersberger and the House Intelligence Committee. As we noted, the USA Freedom Act — which had been the general consensus choice as the best bill for actually stopping the worst of the worst NSA surveillance (while still not fixing everything) — was actually being watered down by Sensenbrenner’s manager’s amendment.
Marcy Wheeler has been digging in and highlighting just how badly the bill has been weakened, and has now started calling it the USA Freedumb Act, noting that it’s stripped out nearly all of the good stuff, basically wiping out most of the protections for you and me, but making sure that the telcos are well protected from any lawsuits that might emerge over them handing all of our info over to the government. The bill also wipes out the transparency requirements that the tech companies had pushed strongly for.
The problem then, becomes something of a political one. One of these two bills is likely to move forward, and both are pretty bad at this point, though USA Freedom is marginally better. Do you support a marginally better bill in the hopes of blocking a really bad bill? Or do you hope (with little chance of it happening) to block both bills and pray for a magical third solution that actually does something useful? It’s a pretty blech situation all around.
One of the tricky parts of bills like these, which adjust the language in existing bills, is that merely reading the bills alone isn’t nearly enough, because they’re amending existing language, and pointing to various places. You have to put it all together to figure out what’s really going on. Wheeler, again serving a tremendously important role, is attempting to do that, showing how Section 215 would look under the manager’s amendment under USA Freedom. This suggests that a big problem is the lack of some key definitions — with “selection term” being one which might actually create a loophole for the NSA to drive a surveillance barge through.
One hopeful idea is that during tomorrow’s markup, someone can actually get some amendments through that actually defines these undefined terms in a way that actually limits the NSA’s powers (and potentially bringing back some of the transparency requirements). Right now it’s not clear if that will happen, though there’s typical political horse trading going on in the back rooms. Still, a good definition (and there’s a chance that any definition would be bad…) would go a long way towards taking the USA Freedumb Act back to being the USA Freedom Act.
In a bit of a surprise move, the House Judiciary Committee, led by Rep. Bob Goodlatte, caught people off guard this morning by announcing that there would be a markup of the USA FREEDOM Act on Wednesday, complete with a Manager’s Amendment from bill author Rep. Jim Sensenbrenner. If you don’t recall, the USA FREEDOM Act was the best bet for real NSA reforms. It was far from perfect, but did actually do a lot of good things without adding a bunch of bad things. The amended version scales that back a bit. It’s not as good, but it’s still pretty good. Harley Geiger, over at CDT has a good overview of the Manager’s Amendment, and how it actually improves the bill in certain areas, while Marcy Wheeler highlights both the good and bad of the amendment.
Of course, within just a few minutes of the Judiciary Committee announcing its plans to move forward with the USA FREEDOM Act, the House Intelligence Committee announced that it would hold its own damn markup on the competing “NSA reform” bill from Reps. Mike Rogers and Dutch Ruppersberger, which is designed to look like a shot at NSA reform, but which really would make it easier for the NSA to collect info on people. That bill, called the FISA Transparency and Modernization Act (almost none of that is true), is basically the NSA’s prime choice for pretending to be reform.
This sets up a bit of an upcoming fight — assuming that both markups lead to bills getting voted out of committee — to see which bill House Speaker John Boehner is willing to bring to the floor. Basically, Boehner gets to make the final decision on NSA reform at this stage. Will he bring the real reform bill or the fake one?
Now that people have had a chance to go through the proposal by Reps. Mike Rogers and Dutch Ruppersberger to “stop” the bulk phone record collection under Section 215 of the Patriot Act, they’re finding more and more things to be concerned about. We had noted some potential easter eggs in there for law enforcement, but the deeper people look, the worse it gets. Trevor Timm notes that the bill is really a trojan horse to expand surveillance capabilities, while pretending to end them.
Curiously, a large majority of the House bill focuses on new ways for the government to collect data from “electronic communications service providers” – also known as the internet companies. Why is a bill that’s supposedly about ending bulk collection of phone-call data focused on more collection of data from internet companies?
From there, we turn to Julian Sanchez, who has given one of the most thorough explanations of what’s actually in the bill, noting that it fails to really end the bulk collection of phone records while also potentially massively expanding other surveillance capabilities.
First, the HPSCI bill’s seemingly broad prohibition on bulk collection turns out to be riddled with ambiguities and potential loopholes. The fuzzy definition of “specific identifiers” leaves the door open to collection that’s extremely broad even if not completely indiscriminate. Because the provision dealing with “call detail records” applies only to §:215 and the provision dealing with “electronic communications records” excludes telephony records, the law does not bar the bulk collection of telephony records under FISA provisions other than §215. The prohibition on non-specific acquisition of other communications “records” probably does not preclude bulk collection under the FISA pen register provision that was previously used for the NSA Internet metadata dragnet. And, of course, none of these prohibitions apply to National Security Letters. If the government wanted to keep collecting metadata in bulk, it would have plenty of ways to do so within the parameters of this statute given a modicum of creative lawyering—at least if the FISC were to continue being as accommodating as it has been in the past.
Second, something like the novel authority created here may well be necessary to enable fast and flexible acquisition of targeted records without dragnet collection. However, once we get down to details—and even leaving aside the question of ex-post versus ex-ante judicial approval—this authority is in some respects broader than either the current §215 telephony program, the president’s proposal, or the pre-Snowden understanding of the FISA business records authority. Critically, it eliminates the required link to a predicated investigation—which, in the case of U.S. persons, must be for counterterror or counterespionage purposes.
In other words, this appears to be a superficial attempt to end bulk collection “under this program,” while at the same time knocking down a bunch of barriers to much broader bulk collection under other authorities, with less oversight and fewer ways to push back against abuse. Did anyone really expect anything different from the NSA’s two biggest defenders in the House?
When House Intelligence Committee ranking member Dutch Ruppersberger suggested replacing the NSA’s bulk collections with something a bit more targeted, it was a little surprising. After all, this is the same man who has worked hand-in-hand with Mike Rogers to subject the NSA to as little oversight as possible over the last several years.
What he proposed sounded suspiciously like an old fashioned Pen Register, the sort of targeted call tracking that can easily be performed by any law enforcement/security agent. Julian Sanchez wondered why a new law was needed when one already on the books would suffice, provided it was scaled back from FISC judge Colleen Kollar-Kotelly’s expansive interpretation.
Well, apparently the reason a new law was needed was to expand the NSA’s powers, rather than contract them, contrary to the assertions of those pushing this legislation. As Mike noted on Tuesday, the bill aims to limit some aspects of the NSA’s collections while simultaneously lowering the standards governing other collections. The bill dials back on “probable cause” and relies on “reasonable suspicion” only, while also eliminating the government’s need to seek a warrant or court order to run a phone number for hits.
If the judge determines that such petition consists of claims, defenses, or other legal contentions that are not warranted by existing law or consists of a frivolous argument for extending, modifying, or reversing existing law or for establishing new law, the judge shall immediately deny such petition and affirm the directive or any part of the directive that is the subject of the such petition and order the recipient to comply with the directive or any part of it.
And here’s what that wording appears to be targeting:
I can’t help believing much of this bill was written with cases like Lavabit and the presumed Credo NSL challenges in mind, as it uses language disdainful of legal challenges.
This makes it that much more unlikely that challenging an order from the NSA will result in anything other than compliance by the entity on the receiving end. This strips away a little more of the facade the government portrays — that those receiving national security letters and the like actually have any choice in the matter.
When the government demanded the SSL keys so it could access the data and communications of Ed Snowden’s former email provider, Lavabit fought back. First, it closed down rather than be “complicit in crimes against the American people.” Then the government dragged the provider to court to get the information it sought and Lavabit’s lawyers fought back.
This is the way the system is supposed to work. Orders can be challenged, even if the chance of overturning them is microscopic. If this part of the bill goes through unaltered, judges will be granted the permission to simply shut down any petition they think seeks to challenge any aspect of the laws pertaining to the NSA’s surveillance programs. It’s the NSA’s heckler’s veto, granted by the House Intelligence Committee and delivered by judges who will be forbidden from respecting any challenges to the government’s interpretation of these laws.
The concept, which Rep. C.A. Dutch Ruppersberger (D-Md.) said he is still refining, would require court review of numbers that the phone companies are asked to search against. But it would not call for a requirement that companies hold data longer than they do now…
Details would have to be worked out, but, he said, the idea would be to send suspect numbers, which a court has deemed to meet the standard, to all phone companies. They would search daily against this list and send back to the NSA any numbers that hit up against the list.
Ruppersberger’s proposal (which he says has sprung out of “serious discussions” with Rep. Rogers) retains the RAS (Reasonable Articulable Suspicion) stipulation that currently governs the NSA’s searches of the stored metadata, but it does loosen other restraints — namely, that the searches be constrained to targets of “authorized investigations” and “agents of foreign powers.”
If this sounds all too familiar, there’s a reason for that.
Some analysts say that what Ruppersberger appears to be proposing looks very similar to existing authority under the “pen register” provision of the Foreign Intelligence Surveillance Act. That provision enables the government to order a phone company to send back in real-time “dialing” information, such as phone numbers, if the government can show the information sought would be “relevant to an ongoing investigation to protect against international terrorism” or espionage.
This pen register concept was thoroughly bastardized by FISC judge Colleen Kollar-Kotelly in 2004 to give the agency permission to use an open-ended (but targeted) surveillance technique as a way to grab every phone record from telcos in three-month chunks (granted in perpetuity by the FISA court).
But the pen register statute hasn’t been written off the books. It still exists and is, in fact, still used occasionally by the NSA, which prompts the following question: why bother introducing new legislation and new guidelines? Why not just make the NSA adhere to the existing statute (albeit one not so thoroughly distended by a previous FISA court decision)?
“So the natural way to solve this problem is not by creating a new authority, but by taking the existing authority designed for exactly this purpose, and narrowing it so it can’t be again used for bulk collection,” said Julian Sanchez, a fellow at the CATO Institute and surveillance expert.
The problem with new laws is that it adds to the number of exploitable tools the NSA can use. As noted above, this eliminates some of the limits governing the bulk records collection. While arguably better than the unlimited metadata harvesting the NSA has done for most of the last decade, the public would be better served by simply requiring the agency to follow existing pen register statutes, provided, of course, the FISA court restores the definition back to its original form.
It is good to see another legislator pushing the NSA back towards targeted surveillance, something it increasingly abandoned in the wake of the PATRIOT Act, especially one that has the misfortune of working closely with Rep. Mike Rogers.
House Intelligence Committee chairman Rep. Mike Rogers and his Democractic counterpart Rep. Dutch Ruppersberger published a press release today touting a classified Defense Department report alleging that Edward Snowden’s leaks—and by proxy, stories published by news organizations—threaten national security and “are likely to have lethal consequences for our troops in the field.”
Before going any further, let’s remember what the Washington Post reported last month about Director of National Intelligence (DNI) James Clapper:
Clapper has said repeatedly in public that the leaks did great damage, but in private he has taken a more nuanced stance. A review of early damage assessments in previous espionage cases, he said in one closed-door briefing this fall, found that dire forecasts of harm were seldom borne out.
Now go back and read the press release closely. No specific examples are given, and you will notice virtually every sentence includes the word “could”—meaning real damage hasn’t actually occurred, they are just saying it potentially could happen. And of course, the actual report is secret, so the two Congressmen are able to say whatever they wish about it, and it can’t be independently verified. (Rep. Mike Rogers also has a long history of not telling the truth.)
We’ve seen this same scene over and over again in the past decade, and the results are always the same: the government serially exaggerates damage to national security in an attempt to make sure newsworthy stories are not published or to villify whistleblowers.
When WikiLeaks started publishing State Department cables in 2010, the administration was claiming in the media that WikiLeaks would have “blood on its hands.” But then it turned out, as Reuters reported, in private the government believed only “that a mass leak of diplomatic cables caused only limited damage” and that “the administration felt compelled to say publicly that the revelations had seriously damaged American interests in order to bolster legal efforts to shut down the WikiLeaks website and bring charges against the leakers.”
The Bush White House said the same thing—”you will have blood on your hands”—to New York Times editors before they published their original NSA warrantless wiretapping stories in 2005 and 2006. Bush’s Attorney General later threatened to prosecute the New York Times under the Espionage Act. Similar statements were made about Dana Priest’s investigation of CIA secret prisons for the Washington Post. The damage of course never materialized, and the both Priest and the New York Times reporters went on to win the Pulitzer Prize.
This is a tried and true tactic used by the US government made famous by Richard Nixon. Back in 1971, the Nixon administration told the US Supreme Court that if the New York Times continued to publish the Pentagon Papers it would result in “grave and immediate damage to the United States.” The man who made those arguments, Solicitor General Erwin Griswold, later wrote in the Washington Post, “I have never seen any trace of a threat to the national security from the publication.” He called on the public to be skeptical of “national security” claims made using secrecy.
New York Times Executive Editor Jill Abramson probably said it best when she flatly stated last year, “No story about details of government secrets has come near to demonstrably hurting the national security in decades and decades.”
Virtually any time newspapers print something the government doesn’t like, they will claim it hurts national security without providing any details or proof. This is standard operating procedure for them, and news organizations should not be scared to push back on such claims, without direct evidence to the contrary.