Pro-Privacy Senator Wyden on Fighting the NSA From Inside the System

Wyden spoke with WIRED about the difficulties of keeping mum on classified matters, about his public showdown with intelligence chief James Clapper over the NSA's data collection on Americans, and about the government's use of zero-day exploits.
Senator Ron Wyden on July 27 2011.
Senator Ron Wyden on July 27, 2011.Joshua Roberts/Bloomberg via Getty Images

Senator Ron Wyden thought he knew what was going on.

The Democrat from Oregon, who has served on the Senate Select Committee on Intelligence since 2001, thought he knew the nature of the National Security Agency's surveillance activities. As a committee member with a classified clearance, he received regular briefings to conduct oversight.

But when the The New York Times broke the story in late 2005 that the spy agency was engaging in warrantless wiretapping, Wyden was as surprised as the rest of us.

He was surprised again when, six months later, USA Today published a different story revealing for the first time that the NSA was secretly collecting the phone call records of tens of millions of Americans, records that US telecoms were willingly handing over without a warrant. Two of the three identified telecoms denied the allegations, and the story quickly died. But its ghost lingered on, neither fully confirmed nor denied, haunting Wyden. It took another seven years for a document leaked in 2013 by Edward Snowden to end the speculation and finally confirm that the bulk-collection phone records program existed.

Wyden doesn't want to say when exactly he learned of the phone records program but says "The New York Times story and the USA Today [piece] were both real wakeup calls." Speaking to WIRED during a recent visit to the Bay Area, he adds that it was "very frustrating" to have to wait seven years after the USA Today story broke for details of the program to come out.

Wyden has spent a lot of time biting his lip since those early revelations, unable to disclose what he knows but going as far as he could to drop hints over the years. In 2011, two years before the Snowden leaks, he warned fellow lawmakers that the government had devised secret interpretations of the Patriot Act to legally justify its surveillance---interpretations dramatically different from how the public understood the law should be interpreted. Then in July 2013, as the first Snowden documents were leaking, he warned again that the public was seeing just the "tip of a larger iceberg" and that lawmakers were being misled by intelligence officials about their activities.

The senator hedged when asked by WIRED if the Snowden revelations have now fully exposed the iceberg, or if we're still just seeing the tip. All he would say was that there are things that even he remains ignorant about---such as the ways in which the government is using Executive Order 12333 to conduct overseas data collection without court oversight.

Wyden is gearing up for a battle on Capitol Hill to reform the Patriot Act, particularly Section 215, which the NSA used to authorize and justify its phone records collection program. This and other portions of the law, passed in the wake of 9/11,expire in June and are up for re-authorization.

Wyden spoke with WIRED about the difficulty of keeping mum over the years on classified matters; about his public showdown with intelligence chief James Clapper over the NSA's data collection on Americans; and about the government's use of zero-day exploits, a practice that undermines the Obama administration's assertions about the importance of securing the nation's critical infrastructure systems. But one question he wouldn't answer---about allegations that US telecoms have been helping the NSA undermine foreign networks.

Wyden on the Clapper showdown: "I spent months, literally months preparing that question."

In March of 2013, three months before the first Snowden revelations were published, Wyden was growing increasingly concerned about the dichotomy between what he was told about the NSA's programs during classified briefings and what the intelligence community was saying publicly about its programs. So during a Senate hearing, he posed a question to James Clapper, director of national intelligence: Does the NSA gather "any type of data at all on millions or hundreds of millions of Americans?"

Clapper's reply? "No sir. Not wittingly."

Though some claim Clapper was "sandbagged" by the exchange, and that Wyden engaged in "vicious" tactics to corner him, Wyden says Clapper knew in advance that the question was coming and voiced no objection. Wyden only posed the question in public after fruitless attempts to have it answered privately.

"I spent months, literally months preparing that question," he says. "Because NSA director [Keith Alexander] had said [at the DefCon hacker conference in 2012]'We don’t have dossiers on people.' He’d [also] been on YouTube saying we don’t hold data on US citizens'---which I consider one of the most false statements ever made on US intelligence."

Wyden sent letters to the intelligence chiefs, some private, some public, seeking clarification. But after months of what he calls "pick-and-shovel" work to get a response, none was forthcoming. "We decided," he says, referring to his staff, "that I had to ask the question in public."

"We sent [Clapper] the question ahead of time and said, 'We're going to ask this,'" he explains. "If he had said you can't ask this in public, I would have said OK. I would not have been happy, but I would have complied, and we would have set about to try and figure out another way to do it."

Clapper didn't say no. But when Wyden posed his question in the hearing, Clapper shot back with what Wyden says was an "obviously flagrantly inaccurate" answer.

"We called him afterwards. We said, 'It’s flagrantly inaccurate, you’ve got to correct it.'"

But Clapper wouldn't correct it. Three months later, he was forced to revisit the statement when documents leaked by Snowden showed that the government had indeed been routinely collecting the phone records of millions of Americans since 2006.

"Intel leaders can no longer operate under the assumption that they can say pretty much whatever they want in public and it’s never going to come home to roost," Wyden says.

Wyden on NSA's backdoor search loophole: "The Bush administration, as incredible as it sounds, closed it before they left in 2008, and the Obama administration came back and re-opened it."

The Snowden documents revealed a lot about NSA surveillance activities, but there are at least two "extraordinarily serious" areas that are still in the shadows: the NSA's use of a so-called backdoor search-loophole and its use of Executive Order 12333, which some fear the NSA has been using as a "hall pass" to do virtually anything overseas with presidential approval.

Although the NSA is not allowed to target Americans for surveillance, under Section 702 of the FISA Amendments Act, the NSA can collect data on suspected foreign terrorists and foreign agents, and in doing so, emails and other data belonging to Americans gets swept up as well. The NSA is supposed to take steps to "minimize" the acquisition, retention and distribution of this incidentally collected American data. But in 2011, the government got the FISA Court, which oversees surveillance under the FAA, to agree that the government could deliberately search this American data, using email addresses and phone numbers as the search terms, without needing a warrant---what civil liberties advocates refer to as a "backdoor" search since it allows the government to essentially target Americans through searches of incidental collection without specifically targeting their data for collection. The data isn't just available to the NSA, however. The FBI also has access to it.

No one, however, not even the NSA, knows how much collected data belongs to Americans and how often it is searched. "I’ve gotten letters from director Clapper and others saying that this problem is growing," Wyden says. "In fact director Clapper wrote me a letter saying the FBI doesn’t even keep track of them, which causes me to be even more concerned."

Wyden's outrage over the searches is all the stronger because he notes that "The Bush administration, as incredible as it sounds, closed [this loophole] before they left in 2008, and the Obama administration came back and re-opened it." He's referring to the fact that under the Bush administration, searches of the data was restricted.

The governments use of Executive Order 12333 is another matter. EO 12333 was first approved by President Reagan in 1981 to provide direction to intelligence agencies on conducting surveillance and was amended in 2008 by President Bush. But no one, not even lawmakers on Capitol Hill, have a full grasp of how EO 12333 is being used.

Wyden says, "I’m not sure we’re at the bottom or close to it" when it comes to understanding how it's being used." Wyden is suspicious that the White House and intelligence community have agreed to halt the phone records collection program, in the wake of intense criticism, only because the spy agency has other tricks to get the same data, possibly through EO 12333.

"The intelligence community is endorsing eliminating bulk-collection of phone records, and it makes me wonder what are the authorities under 12333 [through which they might do the same thing]?" he asks. "You can get a bill passed and everybody says, 'Hey we banned bulk collection.'... [Then] we see the government go off in another direction. I will tell you that I don’t know today the full ramifications of 12333 on bulk collection. But I'm going to be spending a lot of time digging into it."

Wyden on not reading classified information on the Senate floor: "I made the judgment ... that ... with the focus that I’ve had on this, it would be [more] valuable to have me in the room rather than outside."

Wyden has been criticized repeatedly for not exposing the NSA's activities himself, given his longstanding concern that the agency was violating the Constitution or at minimum stretching the law.

Some, like documentary filmmaker Laura Poitras, have asked why, given that lawmakers on Capitol Hill have immunity and can't be punished by the government for what they say, he didn't just read documents revealing what he knew on the Senate floor. "Why is it that ... a 29-year-old has to put their life on the line to expose things that these senators also have concerns about?," she recently asked in an interview. "The risk for them is that maybe they'll lose a seat on a committee."

But Wyden and his staff point out that more than losing a seat on the intelligence committee and losing his classified clearance, he would likely have been expelled from the Senate. The Senate rules require members to honor the secrecy of classified information.

"I made the judgment, and I recognize that other people see it differently, that ... with the focus that I’ve had on this, it would be [more] valuable to have me in the room rather than outside. People can second-guess that all they want," he told WIRED.

Wyden acknowledges that there are many problems with the oversight process that prevent lawmakers from doing their job properly. "We only get probably half an hour a year to ask questions in public on the Intelligence committee," he notes. But the U.S. system is "still the most open and accountable system of government around," he says, and although they may not get to the truth quickly, "the truth always comes out."

Wyden on the government's use of zero-day exploits: "Even temporary withholding of vulnerabilities should be done only under pressing circumstances where it is truly necessary for American security."

Wyden has been critical of the NSA's efforts to install backdoors in systems and undermine encryption, saying it threatens the integrity of security systems that everyone, even the government, relies on for protection. But until now, he, and the rest of Capitol Hill, have remained silent about the government's stockpile of zero-days exploits that it uses to hack into systems for spying and attacking. A zero-day exploit is malicious code that attacks vulnerabilities in software that are unknown to the software maker or antivirus companies. As such, there is no patch available for them and no signatures in antivirus scanners to detect them.

By keeping silent about software vulnerabilities it knows about---instead of disclosing them to vendors so they can be patched---the government is putting U.S. critical infrastructure, companies and regular computer users at risk of being hacked by criminals, cyber terrorists and foreign intelligence agencies, including the Chinese spies the government spends so much time condemning. Wyden acknowledge that the government's stockpile of zero-days is a big security problem.

"Even temporary withholding of vulnerabilities should be done only under pressing circumstances where it is truly necessary for American security," he said in a follow-up email. "In the past, intelligence agencies have too often been allowed to take reckless actions that undermine the internet and harm huge numbers of Americans for little or no security gain."

Wyden isn't willing to let the government police itself on zero-days, however. To conduct proper oversight, he said, "will require the executive branch to share information about these decisions not only with members of Congress, but also with specialized staff who possess appropriate legal and technical expertise. If Congress allows the executive branch to withhold information about these decisions from cleared congressional staff, it will represent a failure to perform its oversight duties, to protect the American public and to protect our economy."

Wyden on US telecoms undermining foreign networks: "I can't get near that. It’s a classified matter."

Wyden was open to addressing most of the questions WIRED asked. But at least one was completely off-limits. WIRED asked about recent allegations made by journalist Glenn Greenwald that US telecoms have been secretly helping the NSA undermine foreign networks.

Greenwald reported in his recent book that US telecoms partnering with foreign telecoms to upgrade their networks have helped subvert those networks.

“The NSA exploits the access that certain telecom companies have to international systems, having entered into contracts with foreign telecoms to build, maintain, and upgrade their networks,” Greenwald wrote. “The US companies then redirect the target country’s communications data to NSA repositories.”

Wyden was tight-lipped.

"I can't get near that," he said.

Why isn't Capitol Hill holding hearings to discuss the implications of companies who might be involved in this?

"It’s a classified matter. I just can't get into it," he said. "I can’t acknowledge anything on that matter."