As Lawfare readers know, someone in government leaked the news that Michael Flynn did indeed discuss sanctions in his post-election phone calls with Russia’s Ambassador to the United States, Sergey Kislyak. The leaker presumably knew this because the U.S. government surveils the Russian ambassador’s phone calls, a practice permitted by the Foreign Intelligence Surveillance Act. As others have explained in recent days, the minimization procedures required by FISA almost certainly allowed intelligence officials to disseminate this information to others within the government without masking Flynn’s identity.
If you are finding Lawfare useful in these times, please consider making a contribution to support what we do.
Yet this case remains troubling, as Tim Edgar argued earlier this week. Even if one agrees that FISA and the applicable minimization procedures were likely observed here, that should be the beginning, not the end, of the analysis.
First, the headline here is that information about an American from foreign-intelligence intercepts was leaked in order to damage that American. That the information was lawfully acquired and appropriately disseminated within the government is good to know, but is hardly reassuring given that this classified information was then illegally leaked.
Second, this case illustrates why surveillance law treats U.S.-person information with the same healthy fear we associate with nuclear waste and biohazard material—that is, with the vigilance reserved for things that are inherently dangerous if not closely guarded. As Eli Lake wrote this week in Bloomberg View, selective leaking of U.S.-person information “gives the permanent state” (or political appointees entrusted with the information) “the power to destroy reputations from the cloak of anonymity.” Even if not leaked to the press, such information can be misused: J. Edgar Hoover and his subordinates infamously used salacious information gleaned from FBI surveillance of Martin Luther King, Jr., to pressure King to retreat from public life.
Justice Robert Jackson lamented the all-too-common mistake, when discussing questions of government power, of “confusing the issue of a power’s validity with the cause it is invoked to promote, of confounding the permanent executive office with its temporary occupant.” Put simply, this is not about Michael Flynn, or even Donald Trump. If you welcomed these leaks because they hastened Flynn’s departure, would you be comfortable with selective leaks of U.S.-person intercepts becoming a routine weapon in political catfights? With an unelected “permanent state” wielding this power to undermine or intimidate politically accountable officials? With political appointees using it to sideline rivals or attack political opponents? (Note that it is too soon to say whether the leaker here was a career official or a political appointee).
Third, leaks of U.S.-person information are qualitatively more corrosive than leaks of other classified intelligence information. Both have the potential to harm national security. But leaks of U.S.-person information represent a basic breach of trust with the American public and an abuse of power by those granted access to this most sensitive information. An implicit bargain underlies our national-security apparatus: Americans entrust their government with these powers on the understanding that they will be used for legitimate purposes alone—and not turned inward against those they are meant to protect. Leaking foreign-intelligence information for domestic political purposes violates this bargain.
Fourth, leaks of U.S.-person information undercut public trust in the intelligence community and endanger valuable intelligence tools. We need powerful intelligence capabilities to protect the United States from terrorism and many other geopolitical challenges. But the public will trust the intelligence community with these tools only if Americans have confidence that their use is constrained by law and consistent with American values. IC leaders, to their credit, have endeavored since the Snowden leaks to demystify their work to the American public and explain the comprehensive legal and oversight framework within which they operate. Incidents like this set those efforts back.
Finally, minimization rules limiting the acquisition, retention, and dissemination of U.S.-person information should be the beginning, not the end, of protecting such information. U.S. persons whose intercepted communications can lawfully be disseminated in unminimized form are still entitled to have those communications protected from public disclosure. The prospect of post hoc leak investigations provides some deterrent effect. But Congress should explore whether additional safeguards are needed to ensure that U.S.-person information, when it is disseminated in unminimized form, is kept secret.