Print Friendly and PDF
only search

We could have stopped the Paris attacks

William Binney and Kirk Wiebe worked at the NSA for decades, before blowing the whistle on mass surveillance. They say they invented a surveillance system that could have given citizens more freedom and security….


NSA, Fort Meade. Wikimedia Commons/Trevor Paglen. Some rights reserved. NSA, Fort Meade. Wikimedia Commons/Trevor Paglen. Some rights reserved.openDemocracy’s Editor in Chief Mary Fitzgerald sat down to talk with NSA whistleblowers William Binney and Kirk Wiebe at the World Forum for Democracy on 19 November 2015, less than a week after the Paris attacks.

Kirk Wiebe: Why am I here? I met Bill Binney at the NSA about 30 years ago and immediately respected the kind of work he did. Now he and I did not work in the same literal organisation – the same general organisation of analysis, but working on different aspects. His work ended up influencing my work however, because they were part of a chain called the Command and Control Network of Military Forces and that was something we were trying to understand. So for all those years I would see Bill Binney and chat a little bit, and I became a manager and we collaborated over the years and he actually ended up helping my people make some breakthroughs that were very important because I was looking at weapons systems and he was looking at the commanders that commanded those weapon systems.  

Anyway, at the end of my career, I had an opportunity to go down and work with Bill when he was working on breakthrough technology to deal with packets of modern-day digital communications, which was changing NSA’s way of doing business. Michael Hayden, the Director of NSA who came in in 1999, pretty much said to everyone: “We need to own the net.” It’s important to know what those words mean, because if you have seen the Snowden slides, there is a slide concerning General Alexander at a briefing in an outpost, Harrogate, in England, in which he is quoted as saying, “Collect it all.”

Now, you know GCHQ is partners with NSA, and so are three or four others, the Five Eyes arrangement. So here you have these five countries turning their machinery on the internet, and the internet has, possesses, collects the world’s communications and then the telephone network was merged with those so that we have one giant web circling the globe where everyone is connected now. A huge source of potential intelligence, as you might imagine. But Bill was trying to solve the issues of volume, velocity and variety.

Mary Fitzgerald: Needles in haystacks.

Bill Binney: How to pull a needle out of a haystack…

Kirk: Yes – that is exactly what his philosophy was, and that just made so much sense. So I went down there to work with Bill and we tried and actually had it up and running – a real prototype working model of that capability was running and I was fascinated with it because it worked, and it protected privacy.

Mary: This was ThinThread?

Kirk: Yes, absolutely

Mary: So ThinThread, briefly, worked how?

Kirk: ThinThread accessed modern day packet-switched communications, sorted through it, and separated Americans from the rest of the world. Because the NSA is authorised to look at anything foreign, even the Brits, but they don’t tell the Brits that. Gentlemen have agreements, they don’t read each others’ mail – supposedly…

So we needed to separate Americans out because we have a law: thou shalt not spy on Americans if you are at NSA. The FBI can – but not the NSA, which is foreign intelligence. So Bill’s algorithm separated out the Americans that were coming in that stream and then encrypted their identities, so that noone could look at it. And then the rest of it was fair game. Then you would conduct searches with various algorithms to try to find information that was interesting and relevant to a specific subject – it could be military, could be economic, whatever.

Mary: And how did that work in terms of isolating particular information and finding those needles?

Kirk: It was wonderful – here’s why. The analysts were already telling us, “I’m drowning in data.” They give me data and I start to look at it and right away, new data comes in and overrides it – and I was just about to, and I couldn’t deal with that – so I was dumping it on the floor and people were not able to keep up with it.

And if you know anything about the internet you know that they can’t: people have a terrible time keeping up with their e-mail, and their tweets and their Facebook.

So it was immediate overload that the analysts were having, and intelligence was relegated to the position of chance! When you have that situation you just have to be lucky to find something because you are not managing your information flow. Bill had a way to manage it.

Mary: So what happened to that ThinThread programme?

Kirk: Well that programme excited some people and angered others because they had other plans for contractors to produce solutions.

Mary: Basically it would have shrunk the resources you needed to carry out investigation and intelligence work?

Bill: Yes. You see it was also fully automated so that the software did the detection and the reporting. It wasn’t dependent on people to recognise anything. So there was something in the database that automatically managed distribution and all the works for everyone who should have been getting it, including the FBI. It wasn’t a matter of, “Oh, we found calls to this Santiago number from the Yemeni facility in our database.” No – as soon as it hit the database, within a second, it would be alerted to everybody…

Mary: It would have been a problem then for military-industrial interests, because they would have had to downsize?

Bill: Well they wouldn’t be able to upsize. Fundamentally it would take away the potential to feed on tens of billions of dollars which is what they have done.

Mary: It was taken out of action before or after 9/11?

Bill: After 9/11, they took the parts that worked and got rid of the filtering up front. So instead of pulling needles out and letting the haystack go by, they took in the haystack.

That capacity was there to be able to do that, except that our filters up front prevented it. So they removed that software. And then if in our process, in the stuff we took in, there were people who should be protected, we encrypted their identities, so that you couldn’t tell who it was, until you proved ‘probable cause’ and then you have specifications for a warrant and so on. Then their identity was protected.

Mary: You knocked on the front door with a warrant instead of going through the back door...

Bill: Exactly. But that was also an impediment for them, so they didn’t want any of that, so they removed the protections.

Mary: But they must have also removed an extraordinary amount of efficiency in the process…?

Kirk: Yes.

Bill: Well what they did was they dumped garbage on their data. Because when you take in everything it’s all garbage – it makes it dysfunctional.

Kirk: There is a pivotal design issue here, and it answers different questions. Those managers at the NSA, the senior people who wanted industry to help dictate the solution, their philosophy was 180 degrees out from our philosophy. Our philosophy was: prevent the loss of life, prevent damage to property. Theirs was: have a way to forensically examine information after the pieces are all over the place.

Mary: And there is an obvious parallel with what is happening in Paris right now?

Kirk: Absolutely.

Bill: They have the same problem: more data is not going to help.

Mary: And it’s revealing that the authorities knew exactly who they had to arrest after the terror attacks…

Bill: Yes. When you have to look at everything though you can’t cover it… you can’t focus. That’s the problem with that approach.

Mary: So people die -

Bill: That’s the whole consequence.

Mary: – and then you can arrest the perpetrators afterwards…

Kirk: So it’s all wonderful. And the police were good… ‘Oh you rounded up the perpetrators. You didn’t save anybody from dying but you rounded up…’ well, people have to see through that.

Bill: Yes – if you really knew a lot beforehand, why the hell didn’t you do something, before?

Mary: 84 percent of French people polled this week said that they would prioritise security over liberty, at the moment.

Bill: Well there is no reason to do that.

Mary: You think it is a false choice?

Bill: Of course it is. That’s the false choice that they are plumping for. And they want to do that so that they can get more money.

Kirk: I would challenge you to go out and ask a different question: If there was a way to protect your privacy and catch bad guys, would you prefer that? Do you know what you’d get? 100% of French people agreeing. And that’s what we would do – that’s the way we would do it.

I would challenge you to go out and ask a different question: If there was a way to protect your privacy and catch bad guys, would you prefer that? (Kirk Wiebe)

Bill: And the other point is pretty simple.  They are consistently failing with their bulk acquisition approach. So common sense tells you that you are doing something wrong – so you just have to realise that maybe I need to change something and then look at what it is that is causing the problem. And it’s garbage data, bulk collection.

Kirk: And let’s not just pinpoint the French for being guilty of this. It’s also Americans, because the NSA did not prevent the Boston Marathon bombing. It did not prevent the Fort Hood shootings. It did not prevent the shootings in Texas and Arizona. It did not prevent the underwear bomber, although his fuse burned: it did not prevent the Times Square bombing and frankly Charlie Hebdo is foreign intelligence. The NSA should have prevented Charlie Hebdo. The NSA should have given that information to the French to give them the ability to stop it. But they are doing the same kinds of things: they are collecting everything, storing it and after the event, the tragedy happens, then they go and look for who did it…

Mary: The British prime minister claimed the other day that the security services in Britain had foiled seven attacks this year. Without knowing what the basis for his claims are…

Bill: … you can’t believe it. General Alexander in Congress started out with 54, but in the end he ended up with zero, when he was pressed to prove it. So, if you press the prime minister he is probably talking about standard policing work stopping these actions.

Kirk: Look, if Mr. Cameron has the authority to reveal what those specific instances were, what would he be giving away if he gave us the names of the people involved? Other than the fact that they were apprehended and what their intention was? Nothing! That would not harm UK security or anyone. So please, come forth and tell us about those security successes. We need to hear them!

Bill: The problem is that the intelligence community has been lying to everyone for so long that it is not funny. Just the other day when I was in Amsterdam, I had to comment on an article written in the UK, talking about the lawyers of GCHQ who were telling MPs in parliament that they can’t tell their communications from anybody else’s so they have to hoover it all in with everything else in a bulk acquisition. The journalist Duncan Campbell was writing about it and he asked me, “what do you think of that?” I said, “Well there’s two words to answer that: That’s horseshit!”  I also told him, “If GCHQ doesn’t know how to do that, I’d be happy to come over there and help them and tell them how to do it!”

Mary: Are you waiting for their call?

Bill: I’m waiting…

Mary: Faiza Patel [co-director of the Brennan Center's Liberty and National Security Program] said yesterday, “We need to accept that we cannot stop every terrorist attack, and that is the price we pay for our freedom…” Do you agree with that?

Bill: I’m sure that one in a hundred might get through – but with most of them there really should be no problem.

Kirk: If the system is correctly built and managed.

Bill: If you have the focus, discipline, the professional job – they’re done. Right now you don’t have that…

Kirk: Right now the odds are against intelligence analysis stopping anything because of the volume of data. We tried to give the analyst the odds that are in his favour and the people’s favour because we want to save lives.

We tried to give the analyst the odds that are in his favour and the people’s favour because we want to save lives. (Kirk Wiebe)

Mary: Do either of you think that there is anything in the accusations against Snowden that said he shouldn't have shared some of that information?

Kirk: Yes, I do. But you have to understand that this is the digital age. We all have volumes of data on our computers. If you asked the average computer user, would you like to go through all the files on your computer they would say ‘On no!’ ‘Why?’ ‘Because there’s so much I’d be doing it for a week…’ All of the Windows operating system, every folder and chats, and nobody wants to do that.  The key is how do you reduce the load?

Mary: Did Snowden risk lives with his disclosures?

Bill: No. But when you give up specific targets like that Chinese university – when they know they are being attacked they can work out how to do something about it. But to say they are listening to the internet – I think everybody knew that already. Certainly Al Qaida knew that. Everybody in intelligence around the world knew that.  Everybody is doing it, if they can, to the degree that they have the resources to do it.

Kirk: So was there some damage? Probably some, but relatively minor.

Bill: But you have to be aware of all the lies they tell just to throw everybody off. Like claims such as, ‘well we couldn’t get at these guys because they were using encryption – you know’? But they were using social media! Oh, encryption on social media! It’s another bunch of lies. They are lying to everybody and playing people for fools. That’s what they are doing…

 Anders Behring Breivik. Demotix/Alexander Widding. All rights reserved. Anders Behring Breivik. Demotix/Alexander Widding. All rights reserved.Mary: Now for a slightly different theme. Why do we only call those who abuse the name of Islam terrorists? Why don’t we call Breivik a terrorist, or Dylann Roof? You’ve both worked in security most of your lives – why the difference? How would you define a terrorist?

Bill: Anyone who wants to go around randomly killing people is a terrorist. We don’t care what their background is.

Kirk: People who attempt to impose their will on whatever government – whether because of politics or religion, it makes no difference – anyone who wants to impose, by threat of loss of life or damage to property is a terrorist. Islam is two billion people, and then people say – well only about a quarter of them are radical. But then you do the maths and my God: it is about the population of the United States. So there is a big problem. And these people are very willing to die for a cause.

Mary: But that still isn’t a distinction in terms of the function of a terrorist… Why do journalists write up Roof as a shooter and the shooters in Paris as terrorists?

Kirk: This is the beauty of this ThinThread approach that Binney invented. It knows no politics. You look for bad people. You don’t look for Muslims. And some of them are going to be Muslim. Some of them are going to be Presbyterian, Catholic, Jewish, atheists, all colours – it doesn’t care. It’s behaviour-based.

This is the beauty of this ThinThread approach that Binney invented. It knows no politics. You look for bad people. You don’t look for Muslims. (Kirk Wiebe)

Mary: Leading on from this, how much should journalists be activists for freedom of speech, freedom of the press, and particularly for limiting the state role in surveillance?

Bill: They are supposed to be finding out what the government is doing, finding out what the truth is and informing the public. That’s their job. They have lost that perspective. They are not doing it!

Kirk: Journalism has gotten into opinion reporting, rather than truth reporting. It’s safe ground because it pleases the politicians. So there’s lots of – well, what do people think? – which has nothing to do with what I would call effective journalism which is good old-fashioned investigative journalism that sees a problem, investigates whether there is truth or lies and who is doing the lies. You don’t see that. Or you see it, but it’s rare today. You’re crucial – that’s what I am trying to say. But you can’t be political about it. You must be as willing to take on your own minister as you are somebody in a different country. You have to be.

Mary: Is part of the problem privileged access – journalists wanting to keep their sources in Washington happy?

Kirk: That’s right… So they will get called on by the president to ask a question. In other words, if you compare the journalism of today with say 50 years ago, the world has become corrupt, especially the western types of government that were the bastions of democracy and representative leadership have turned into interest group politics – I’m protecting mine, I’m getting my job.

Well, what about the truth? Well if I go after the truth, he won’t like it, and then I won’t be able to talk to him. So we are prostituting journalism to the point where it is no longer interesting or even helpful in a democracy. So I really tip my hat to any journalist who goes out there and takes the personal risk that they are going to make somebody angry. I love it.

I really tip my hat to any journalist who goes out there and takes the personal risk that they are going to make somebody angry. I love it. (Kirk Wiebe)

Bill: According to our US constitution, the free press is the only activity which is protected, and they don’t use those freedoms. That freedom was given to them to ensure that they would protect us from what our own governments were doing. This was not about a foreign threat. This is about our government and the threat it posed to us. So that’s why the free press is there!

Kirk: So to your question: if done correctly, it is vital, absolutely vital. It is the lifeblood of democracy. And that’s why whistleblowers are of such prominence, because they work with the press. The whistleblower has the secret and the press records it. It’s a source of information.

Mary: My final question is about those four drone operators who have spoken out over the last few days, who alleged that civilian casualties are much, much higher than anyone is prepared to admit and that it is making more enemies than friends of the United States across the world. What are your views on that?

Kirk: Mine is this. I am not a skilled drone user. But having been in the military and over the years learned a little bit about bombs and explosives, ultimately a drone is nothing more than a low risk way to set off an explosion and kill people. Explosions are messy because with very little explosive you can do a lot of damage. In a diameter, if you imagine a pinpoint and then a diameter around it, maybe 100ft out – it is going to do a lot of damage, including to humans.

A lot of the people who are targeted, radical people, as I understand it, are typically hanging around in groups with other radicals. It is not like they are in apartments all alone, with no other apartments around them. So there is this dilemma. That if you use a drone it is hard to be surgical, and prevent the killing of innocents – well we’ll call it ‘innocent’, we don’t know whether it is innocent or not. Certainly when you see little children who have been killed, they are innocent. But it is a difficult problem to manage and people could legitimately argue that you shouldn’t use drones because of that. ‘Why don’t you do it the old fashioned way and send special ops people in there and put a bullet in the guy’s head and don’t kill those 25 other people that are near them?’ And that’s a legitimate argument to make I think. The politicians don’t want to kill a lot of US soldiers because the people at home get mad. So they argue, ‘It’s better if I send a drone, with no pilot, no lives risked – put the risk on those other people…’

Ultimately a drone is nothing more than a low risk way to set off an explosion and kill people. (Kirk Wiebe)

Mary: …because public opinion is less sensitive to that.

Kirk: Exactly.

Mary: But don’t you think it is a scary precedent to be setting?

Kirk: I don't think it’s a precedent… the bombs with drones are no different than in the bombing raids of world war two. They killed a lot of innocent people then too. Explosives are just messy. There is no surgical precision with them…

Mary: …which is why terrorists use them.

Kirk: Exactly right. Good point.

Bill: I, on the other hand, have a much simpler view of drone attacks. I call them random slaughter. I’m just a country boy and living in the country, I learned how to hunt. The first rule of hunting is that you don’t shoot until you know your target. You identify your target before you shoot. They are not doing it. Plus they have what they call a double tap. This is a very messy, ugly business. After they do the strike they wait for everybody to come in and help, and the assumption is they are also bad so they kill them too.

I, on the other hand, have a much simpler view of drone attacks. I call them random slaughter. (William Binney)

Mary: In Pakistan I've hear it called a 'bugsplat' – a rather more graphic example of the same thing.

Bill: You can see it in the helicopter gunship murder that Chelsea Manning exposed. That was a double tap. They waited for people to come in and help. Some poor guy stopped with his kids in a van and tried to get out to help somebody bleeding on the street. And then they shot him and his kids too. Well, this is insane. I call it random slaughter.

Mary: What do you think the effects of that are?

Bill: It’s obviously not very good. I mean it doesn’t endear us to anybody! So, it’s just insane. It’s stupid.

Mary: And probably a recruiting tool for terrorists?

Bill: You don’t win friends and influence enemies by doing that. It is just like the time that Obama had the president of Ecuador’s plane stopped when it was flying back to Moscow. He had him stopped because he thought Snowden was on the plane. He had the Austrians down it in Vienna. That’s how you win diplomatic friends …

Kirk: You know the comparison between drones and terrorist attacks is spot on. What it illustrates on our side, the civilised world’s side, is that the use of drones has evolved because we are lazy. We don’t want to take the risk. It’s political. It’s really politics and trying to gain favouritism by claiming that we are not risking life therefore it is legitimate to take all these other lives. To me it’s lazy. It’s irresponsible and just something that shouldn’t be tolerated.

Bill: To me, it’s a bit too random – that’s all.

Mary: Thank you both.

There is an acute and growing tension between the concern for safety and the protection of our freedoms. How do we handle this? Read more from the World Forum for Democracy partnership.
About the authors

William Binney was the Technical Director of America’s National Security Agency (the NSA) and resigned immediately after 9/11. Previously, during the Vietnam War from 1965 – 1970, he worked in the Army Security Agency. At the NSA, he worked on traffic analysis, data system analysis and cryptography systems and code analysis and became Technical Director in mid-1997, when he ran an operations centre with around 6,000 analysts.

Mary Fitzgerald is Editor-in-Chief of openDemocracy. Before joining oD she worked for Avaaz, the global campaigning organisation, and is a former Senior Editor of Prospect Magazine. She has written for the Guardian, Observer, New Statesman and others. Follow her on Twitter: @maryftz

Kirk Wiebe was a senior analyst at the NSA from 1975 to 2001. He helped develop the ThinThread system. He was a NSA whistleblower on the Trailblazer programme. He tweets: @kirkwiebe

Read On


More from the World Forum for Democracy partnership.

We encourage anyone to comment, please consult the
oD commenting guidelines if you have any questions.