NSA and the Clipper Chip

I wrote what follows in 1995 as a letter to my Congressional representatives. The final product was significantly longer than I intended, as I got caught up in recounting the abuses of the Nixon era.

A discussion of the Clipper chip is not likely to interest most readers these days. (Briefly, it was a government-approved encryption chip with a built-in back door, called the Law Enforcement Exploitation Field.) Nevertheless, I include this document here for two reasons. Mainly, because the first two-thirds recounts some history that seems more relevant than ever given the attacks on privacy and liberty we’ve suffered since 9/11. Secondarily, because it’s appeared around the web in bastardized form (frequently missing the third word of the first sentence, for instance). It’s often been marked as copyrighted by Quadralay Corporation, but in fact Quadralay had nothing to do with it and would, I expect, disclaim any connection to the content.

Introduction

The historical summary of the NSA presented here includes and depends on information reported in three books. The vast majority of data on the National Security Agency comes from James Bamford’s book The Puzzle Palace [1982]; all quotations are taken from Bamford unless otherwise noted. As Tim Weiner says, this book is “The best—the only—history of the NSA.” Material from the section “NSA is funded in secret” is entirely from Weiner’s Blank Check [1990], which also provided budget estimates and supporting material for other sections. The CIA and the Cult of Intelligence by Victor Marchetti and John D. Marks [1980 edition, originally published 1974], provided background information and a glimpse of the NSA from within the intelligence community but outside the agency itself. Information presented on the Clipper initiative is based on the testimony before the House Subcommittee on Telecommunications and Finance of Marc Rotenberg of the Computer Professionals for Social Responsibility, and of Whitfield Diffie of Sun Microsystems.

The argument takes the following form:

NSA is without statutory basis, charter, or oversight

“No statute establishes the NSA or defines the permissible scope of its responsibilities,” complained Senator Frank Church. The National Security Agency was established by President Truman in a still classified Executive order Oct. 24, 1952. Its direction is apparently supplied by the classified document currently known as National Security Council Intelligence Directive (NSCID) No. 6 (formerly No.9), originating on July 1, 1948.

As of 1982, the NSA was still without a statutory charter, the first recommendation of the Church committee. Oversight by the intelligence community in the form of the National Foreign Intelligence Board (NFIB, formerly USIB) is effectively meaningless. The board rarely if ever turns down NSA proposals; day-to-day contact between the agency and its customers in the intelligence community prevents a periodic oversight board from examining much more than NSA’s stated policy.

NSA is funded in secret

Budgetary authority apparently comes from the Central Intelligence Agency Act of 1949. This act provides the basis for the secret spending program known as the Black Budget by allowing any arm of the government to transfer money to the CIA “without regard to any provisions of law,” and allowing the CIA to spend its funds as it sees fit, with no need to account for them. Congress passed the C.I.A. Act despite the fact that only the ranking members of the Senate and House Armed Services Committees knew anything about its contents; the remaining members of Congress were told that open discussion, or even clear explanation, of the bill would be counterproductive. There were complaints about the secrecy; but in the end the House passed the bill 348–4, and the Senate took a voice vote.

The NSA’s estimated $10 billion annual allocation (as of 1990) is funded entirely through the black budget. Thus Congress appropriates funds for the NSA not only without information on the agency’s plans, but without even a clear idea of the amount it appropriates; and it receives no accounting of the uses to which the funds were put. This naturally precludes any debate about the direction or management of such agencies, effectively avoiding public oversight while spending public funds. (Weiner notes the analogy to “Taxation without representation.”)

NSA has spied on US citizens

“The NSA has also spent a great deal of time and money spying on American citizens. For twenty-one years after its inception it tracked every telegram and telex in and out of the United States, and monitored the telephone conversations of the politically suspect.” (—Weiner, Blank Check)

Due to its unique ability to monitor communications within the U.S. without a warrant, which FBI and CIA cannot legally do, NSA becomes the center of attempts to spy on U.S. citizens. Nominally this involves only communications in which at least one terminal is outside the U.S., but in practice target lists have often grown to include communications between U.S. citizens within the country.

And political considerations have sometimes become important.

During the Nixon administration, for example, various agencies (e.g., FBI, CIA, Secret Service) requested that the NSA provide all information it encountered showing that foreign governments were attempting to influence or control activities of U.S. anti-war groups, as well as information on civil rights groups, draft resistance/evasion support groups, radical-related media activities, and so on, “where such individuals have some foreign connection,” probably not that uncommon given the reception such groups usually receive at home. Clearly it would have been illegal for those agencies to gather such information themselves without warrants, but they presumably believed that the NSA was not similarly restricted when they included on their watch lists such Nixonian bugaboos as Eldridge Cleaver, Abbie Hoffman, Jane Fonda. Joan Baez, Dr. Benjamin Spock, and the Rev. Ralph Abernathy. Presumably the name of Dr. Martin Luther King, Jr., was removed from the watchlist the year Nixon was elected; certainly it was a targeted name before that time.

Watchlists and the vacuum-cleaner approach

It is not feasible to determine in advance which telegrams and telephone calls will be among those the NSA is tasked with intercepting. Therefore, the NSA is normally reduced to recording all traffic on lines it is monitoring, and screening this traffic (by computer when possible) to catch targeted communications. This is called the “vacuum-cleaner approach.”

Also basic to this method is the “watch list” of groups and individuals whose communications should be “targeted.” When a target is added to the watch list, NSA’s computers are told to extract communications to, from, or about the target; the agency can then examine the selected communications and determine whether they constitute intelligence data.

This list of targets usually expands to include all members of targeted groups plus individuals and groups with whom they communicate; thus it has a tendency to grow rapidly if not checked. Some requests seem a bit astonishing: during the presidency of Richard Nixon, a Quaker, J. Edgar Hoover requested “complete surveillance of all Quakers in the United States” because he thought they were shipping food and supplies to Southeast Asia.

Project Shamrock

Project Shamrock was initiated in 1945 by the Signal Security Agency, which eventually merged into the NSA. Until the project was terminated in 1975 to prevent investigation, Shamrock involved NSA (and its predecessors) in communications collection activities that would be illegal for agencies such as the CIA or FBI.

Under Shamrock, the international branches of RCA, ITT, and Western Union provided access by SSA, and its successor NSA, to certain telegrams sent by those companies. Each company’s counsel recommended against involvement on legal grounds; each company requested the written opinion of the Attorney General that it was not making itself liable to legal action. However, they never got anything written from anyone in government, and they all cooperated without it. (They did get a verbal assurance from the first Secretary of Defense, James Forrestal, who said he was speaking for the President; thus they may have been concerned at his resignation just over a year later, his hospitalization within a week suffering from depression, anxiety, and paranoia, and his suicide less than two months later.)

As Shamrock grew, and the NSA began to develop its own means of intercepting communications, the watchlist approach became the accepted standard, since nothing less was effective or worthwhile. The intelligence community became aware that it could enter a name on the watchlists more or less at will, and it would soon receive the requested material, marked classified, and gathered in within (or perhaps under cover of) the law.

The Huston Plan

The Huston Plan, formally known as “Domestic Intelligence Gathering Plan: Analysis and Strategy,” was submitted in July 1970 to President Nixon. The goal of the plan was to relax some restrictions on intelligence gathering, apparently those of NSCID No.6.

Some parts of the intelligence community felt that these relaxations would assist their efforts. The proposals included:

  • allowing NSA to monitor “communications of U.S. citizens using international facilities” (presumably facilities located in the U.S., since NSA already had authority to monitor such communications if at least one terminal was outside U.S. territory)
  • intensifying “coverage of individuals and groups in the United States who pose a major threat to the internal security”
  • modifying restrictions “to permit selective use of [surreptitious entry] against other urgent and high priority internal security targets” as well as to procure “vitally needed foreign cryptographic material,” which would have required the FBI to accept warrantless requests for such entries from other agencies (“Rationale: Use of this technique is clearly illegal: it amounts to burglary. It is also highly risky and could result in great embarrassment if exposed. However, it is also the most fruitful tool and can produce the type of intelligence which cannot be obtained in any other fashion.”)

President Nixon approved this plan over the objection of J. Edgar Hoover and without the knowledge of Attorney General Mitchell.

Hoover went to Mitchell, who had been left out of the entire process, and was consequently angry; Mitchell convinced Nixon to withdraw his approval 13 days after giving it.

Project Minaret

The size and complexity of the domestic watchlist program became a problem, since it bordered on illegality. Project Minaret was established on July 1, 1969, to “provid[e] more restrictive control” on the domestic products, and “to restrict the knowledge that information is being collected and processed by the National Security Agency.” The agency knew it was close to legal boundaries, and wanted to protect itself.

Minaret continued until the fall of 1973, when Attorney General Richardson became aware of the domestic watchlist program and ordered such activities stopped. As the Watergate drama played out, Congress began to hear about the NSA’s projects, and within two years was formally inquiring about them.

NSA considers itself exempt from normal law

Like most intelligence agencies, the NSA uses words such as “interrupt” and “target” in a technical sense with a precise but often classified definition. This specialized language makes it difficult to legislate or oversee the activities involved. For instance, in NSA terms a conversation that is captured, decoded if necessary, and distributed to the requesting agency is not considered to be the product of eavesdropping unless one of the parties to the conversation is explicitly targeted. However, the NSA does not depend on semantic defenses; it can also produce some legal arguments for exempting itself from normal requirements.

NSA has told Congress of its interpretation

On the rare occasions when NSA officials have testified before Congress, they have claimed a mandate broad enough to require a special legal situation. In 1975, the NSA found its activities under scrutiny by the Senate Intelligence Committee, chaired by Frank Church; the House Select Committee on the Intelligence Community, under Otis Pike; and the House Government Operations Subcommittee on Government Information and Individual Rights, led by Bella Abzug. The agency was notably consistent in responding to those committees.

When Lt. Gen. Lew Allen appeared before the Pike committee, he pointed out that it was the first time an NSA director had been required to testify in open session. Two days earlier, CIA director William Colby had testified that the NSA was not always able to separate the calls of U.S. citizens from the traffic it monitors. “NSA general counsel Roy Banner, accompanying Allen, was asked whether he felt that, although wiretapping is prohibited by law, interception of telephone calls of American citizens heading overseas is not prohibited.

Banner’s answer: ‘That is correct.’”

The top three officers of the NSA spoke with a single voice to the Church committee. When the committee’s chief counsel said to Gen. Allen, “You believe you are consistent with the statutes, but there is not any statute that prohibits your interception of domestic communications,” Allen replied, “I believe that is correct.” When deputy director Buffham was asked about the legality of domestic aspects of the Huston plan, he said, “Legality? That particular aspect didn’t enter into the discussions.” Counsel Banner responded at least three times to similar questions that the program had been legal at the time. (Testimony took place on Oct. 29, 1975; Project Shamrock and its watchlists were halted in mid-May of that year.)

The Abzug committee tried to get the story from the communications corporations that had cooperated in Project Shamrock. Its hearings in late 1975 were unproductive because RCA and ITT informed the committee, two days before hearings began, that their executives would not appear without a subpoena; and a former FBI agent who had been cooperating was forbidden from testifying by his old employer. When the committee reconvened in early 1976, it issued subpoenas to three FBI special agents, plus one former agent; one NSA employee; and executives from international arms of RCA, ITT, and Western Union. President Ford prevented the five FBI/NSA people from testifying with a claim of executive privilege, and the Attorney General requested that the corporations refuse to comply with the subpoenas on the same grounds.

Their testimony in spite of that request brought Project Shamrock to light less than a year after it was quickly terminated.

There may be legal basis for this

There may be some legal basis for the NSA claims of extra-legal status. Despite having no statutory basis or charter, the NSA has considerable statutory protection: various statutes, such as the COMINT statute, 18 U.S.C. 798; Public Law 86-36; and special provisions of the 1968 Omnibus Crime Control and Safe Streets Act, exempt it from normal scrutiny, even from within the government.

Thus the agency may be right in interpreting the law to say that it can do anything not specifically prohibited by the President or the NSC. NSCID No. 6, NSA’s secret charter, includes this important exemption (according to James Bamford’s reconstruction):

The special nature of Communications Intelligence activities requires that they be treated in all respects as being outside the framework of other or general intelligence activities. Orders, directives, policies, or recommendations of any authority of the Executive branch relating to the collection … of intelligence shall not be applicable to Communications Intelligence activities, unless specifically so stated and issued by competent departmental or agency authority represented on the [U.S. Communications Intelligence] Board. Other National Security Council Intelligence Directives to the Director of Central Intelligence and related implementing directives issued by the Director of Central Intelligence shall be construed as non-applicable to Communications Intelligence unless the National Security Council has made its directive specifically applicable to COMINT.

Reform is needed

The unchecked ability to intercept and read communications, including those of U.S. citizens within the country, would be dangerous even if carefully regulated by elected officials held to a public accounting.

When the method is available to officials whose names are often unknown even to Congress, who work for unaccountable agencies like the NSA, it is very difficult for the intelligence community, the defense community, and the Executive to refrain from taking advantage of such easily obtained knowledge.

Lack of oversight is dangerous

The lack of any effective oversight of the NSA makes it possible for the agency to initiate or expand operations without authorization from any higher (or even other) authority. Periodic meetings of members of the intelligence community do not constitute true oversight or public control of government; and the same is true of the provision of secret briefings to a small number of senior members of the Congress, all chosen by the intelligence community and sworn to secrecy.

Oversight of such extensive communications capability is important enough; but NSA’s capabilities are not necessarily limited to intercepting and decrypting communications.

NSA has some military capabilities

In addition to its own massive interception and decryption capabilities, the NSA can also issue direct commands to military units involved in Signals Intelligence (SIGINT) operations, bypassing even the Joint Chiefs of Staff.

Such orders are subject only to appeal to the Secretary of Defense, and provide the NSA with capabilities with which it could conceivably become involved in operations beyond the collection of intelligence. At least, it does not seem to be legally restrained from doing so.

The situation is ripe for abuse

It appears that the only effective restraint on the NSA is the direct authority of the President, the NSC, the Secretary of Defense, and the U.S. Intelligence Board. Since the agency was created and chartered in secret by the President and the NSC, it can presumably be modified in secret by the same authorities.

Nor is the NSA bereft of means of influencing other branches of government, as Marchetti and Marks note:

A side effect of the NSA’s programs to intercept diplomatic and commercial messages is that rather frequently certain information is acquired about American citizens, including members of Congress and other federal officials, which can be highly embarrassing to those individuals. This type of intercept message is handled with even greater care than the NSA’s normal product, which itself is so highly classified a special security clearance is needed to see it.

Complete control over a secret agency with at least 60,000 direct employees, a $10 billion budget, direct command of some military units, and the ability to read all communications would be an enormous weapon with which to maintain tyranny were it to arise. A President with a Napoleonic or Stalinist delusion would find in the NSA the perfect tool for the constant supervision of the individual by the state depicted in nightmares and novels such as 1984.

Senator Schweiker of the Church committee asked NSA director Allen if it were possible to use NSA’s capabilities “to monitor domestic conversations within the United States if some person with malintent desired to do it,” and was probably not surprised by Allen’s “I suppose that such a thing is technically possible.”

Certainly Senator Church feared the possibility:

That capability at any time could be turned around on the American people and no American would have any privacy left, such is the capability to monitor everything: telephone conversations, telegrams, it doesn’t matter. There would be no place to hide. If this government ever became a tyranny, if a dictator ever took charge in this country, the technological capacity that the intelligence community has given the government could enable it to impose total tyranny, and there would be no way to fight back, because the most careful effort to combine together in resistance to the government, no matter how privately it was done, is within the reach of the government to know. Such is the capability of this technology…

I don’t want to see this country ever go across the bridge. I know the capacity that is there to make tyranny total in America, and we must see to it that this agency and all agencies that possess this technology operate within the law and under proper supervision, so that we never cross over that abyss. That is the abyss from which there is no return…

NSA and Clipper

The NSA recently agreed to assist the National Institute of Standards and Technology (NIST) in the creation of a new official encryption strategy (two technical standards and some procedural safeguards). However, this cooperation became direction and eventually control of the project, according to NIST internal reports to the point that only senior NIST officers with appropriate clearance had access to relevant documents. This appears to contravene at least the spirit of the Computer Security Act of 1987, which, according to Marc Rotenberg of the Computer Professionals for Social Responsibility (CPSR), “made clear that in the area of unclassified computing systems, [NIST] and not [NSA], would be responsible for the development of technical standards. The act emphasized public accountability and stressed open decision-making.”

Documents obtained by CPSR under the Freedom of Information Act show that the NIST began the project with the goal of developing a public-key standard, whose algorithm should be “public, unclassified, implementable in both hardware and software, usable by federal Agencies and U.S. based multi-national corporations.” The result was, however, a non-public-key, classified standard that requires tamper-proof hardware; it cannot be implemented in software.

Who its users might be is uncertain; Rotenberg thinks that “it is unlikely to be used by multi-national corporations.”

The issue of trust

The entire package has come to be called the Clipper initiative after one of the two standards involved (the other is called Skipjack). Many of the arguments over technical aspects are useful, including the discussion of whether an encryption algorithm must, like Clipper, be kept classified to increase its security, or should be published openly to convince prospective users of its reliability. All such questions, however, in the end seem to resolve to the issue of trust in the government, or more precisely in the intelligence community. For example, if it is true that encryption algorithms must be kept secret, then providing any additional reason for secrecy reveals a method of attack against the algorithm.

But those who make this assertion admit that the same danger prevents them from supplying any supporting evidence.

If you trust, then Clipper is like Teflon: one of those spinoffs that accumulate when you do the right sort of research. After all, the NSA has always claimed to be five or more years ahead of the state of the cryptanalytic art. Clipper arrives just as the luster of DES (the previous official strategy) is beginning to tarnish due to technical advances. Other new techniques such as public-key encryption are unproven; and the rejection of them by NSA in favor of Clipper/Skipjack indicates that NSA experts are not impressed. Clipper’s key escrow system strikes a reasonable balance between the individual’s right to privacy and the state’s right to self-defense, and the use of a private corporation as part of the escrow system provides a little extra insurance against government hanky- panky. Naturally law enforcement agents will occasionally need to use the special capabilities built in for them; but the oversight system is practically foolproof, since without a warrant no one can access the two parts of your key.

Criminals or those “with malintent” might find a way to buy or intimidate one of the escrow agents, but not both.

If you do not trust, then Clipper is more likely a solution to NSA’s problem: the increasing public use of new encryption techniques that the agency cannot penetrate. Since the NSA has long been unable to penetrate (then-) Soviet or Chinese codes (according to Marchetti and Marks), impenetrable encryption methods do exist. The agency’s claim of being five years ahead of public technology is a necessary one given its task; probably even true for a while, but not recently. The key escrow system is laughable, since the claim of national security has for decades opened government doors (not always during business hours); and given the ease with which Project Shamrock illegally obtained communications from private corporations for many years, the use of a private agent in the system provides no extra safety. Probably the agency is simply trying to restore the situation it enjoyed for decades after World War II with respect to its ability to read U.S. communications, since it cannot do so with those of other countries. Certainly it has been unusually candid in naming the Law Enforcement Exploitation Field.

With this disagreement apparent, the uncommitted observer will probably try to choose conservatively. To do so normally requires prioritizing your concerns and listing your assumptions, then consulting the experts and the literature.

However, in this case one meets an immediate roadblock: since Clipper is secret, not even the experts are able to express an educated opinion as to the best known algorithms. Those without security clearances have no access to what are claimed to be such, while those who have direct knowledge are naturally silent about classified information. Thus, the issue reduces again to the matter of trust: do you prefer the opinion of government experts, who assure you that they are right but must necessarily refrain from providing any evidence, or the opinion of outside experts, who may advocate alternatives and evidence to support them, but admit that they do not know whether Clipper is safer or not?

The implications

Of course, if Clipper is simply attached to our telephones and other communications devices, then the only loss is the additional $25 or so per item to cover the Clipper hardware. As long as one can choose to employ other encryption techniques as well, adoption of Clipper is mainly an economic problem. However, the government plan is to license a small number of private firms to produce the tamper-resistant chips for public sale. These firms are unlikely to undertake such operations as a public service; they will expect at least to break even, and a $25 per chip price requires the sale of a non-trivial volume of chips. Thus a certain amount of discrete promotion may be needed to encourage adoption of Clipper on a sufficiently broad scale.

If people persist in using (sometimes free) software that incorporates technology considered by many experts to be the best that is publicly available, they not only reduce the size of the Clipper market by their example; they also clearly indicate their distrust of the government and of NSA, which by itself may be suspicious in some eyes. In fact, the Washington Post reported recently that the administration is considering the possibility of outlawing unsanctioned encryption methods if persuasion is ineffective, though it was unclear whether this was intended to promote a market to help the chip manufacturers or to ensure that the NSA had only one algorithm to work on.

CPSR’s Rotenberg, testifying before the House Subcommittee on Telecommunications and Finance (June 9, 1993), pointed out that The premise of the Clipper key escrow arrangement is that the government must have the ability to intercept electronic communications. However, there is no legal basis to support this premise. In law there is nothing inherently illegal or suspect about the use of a telephone. The federal wiretap statute says only that communication service providers must assist law enforcement [to] execute a lawful warrant.

According to James Bamford, the draft report of the Abzug committee (which uncovered Shamrock) was buried by Congress in 1977. One of its claims was, he says, “that the NSA’s appeal to the Congress and the public that they simply ‘trust us’ was totally unjustified when viewed in the light of the Agency’s long record of privacy violations.”

Marchetti and Marks [1974] reported on the press conference held in Moscow by two young NSA defectors in 1960, William Martin and Bernon Mitchell. “Martin and Mitchell told of a practice under which the NSA provided encoding and cryptographic machines to other nations, then used its knowledge of the machinery to read the intercepted messages of these countries. This practice still flourishes.”

Recommendations

If this historical summary of the NSA is accurate, then it seems clear that the continued operation of the agency in its present mode poses a danger to freedom of speech and thus to the continuance of democratic traditions in the United States.

The best defender of those traditions is an educated and active populace. In the meantime, however, legal penalties have seemingly been effective in reducing the amount of abuse of civil liberties. With that limited goal in mind, Congress should in my opinion take the following minimal steps:

  1. Require legal charters for the establishment of agencies of the Executive branch. For existing agencies like the NSA and the National Reconnaissance Office (NRO), either provide a legal charter that defines and restricts their operations, or reassign the responsibilities to existing chartered agencies and dissolve the unchartered one.

    With the NRO, it may be necessary first to declassify the agency’s name so it can be used on the floor of Congress. But since, according to Weiner, both NRO and NSA are “far bigger” than the CIA, they need a charter as much as it does.

  2. Eliminate the practice of funding parts of government through the “black budget,” without Congressional debate on the projected use of the money or even a clear knowledge of the amount. This appears to violate the Constitutional requirement for a public accounting of the use of public funds (Article I Section 9), and clearly makes effective oversight impossible in practice.

    Naturally much technical information will remain secret, but it is hard to imagine a reason for keeping the costs secret other than to obtain by secrecy what might prove elusive if pursued openly.

  3. Reject the NSA-sponsored “Clipper” initiative, the FBI’s “Digital Telephony” proposals, and all such attempts by the intelligence community to regain its ability to read all communications to, from, or transiting the U.S. Reject as well any attempt to prevent or stigmatize the use of any encryption system.

You're welcome to use this form for private as well as public comments; but if you don't want your comments posted to this site, please say so explicitly. As far as I know, this form works in every case, unless you're running XP (and if so, why?). If you have problems with this form, send your comment to count_belisarius@earthlink.net.

All fields are optional.