Snowden Calls For Special Protection For Whistleblowers

From safety in Moscow, Edward Snowden has called for a complete overhaul of US whistleblower protections after a new source from deep inside the Pentagon came forward with a startling account of how the system became a “trap” for those seeking to expose wrongdoing.

The account of John Crane, a former senior Pentagon investigator, appears to undermine Barack Obama, Hillary Clinton and other major establishment figures who argue that there were established routes for Snowden other than leaking to the media.

Crane, a longtime assistant inspector general at the Pentagon, has accused his old office of retaliating against a major surveillance whistleblower, Thomas Drake, in an episode that helps explain Snowden’s 2013 National Security Agency disclosures. Not only did Pentagon officials provide Drake’s name to criminal investigators, Crane told the Guardian, they destroyed documents relevant to his defence.

Snowden, responding to Crane’s revelations, said he had tried to raise his concerns with colleagues, supervisors and lawyers and been told by all of them: “You’re playing with fire.”

He told the London Guardian: “We need iron-clad, enforceable protections for whistleblowers, and we need a public record of success stories. Protect the people who go to members of Congress with oversight roles, and if their efforts lead to a positive change in policy – recognize them for their efforts. There are no incentives for people to stand up against an agency on the wrong side of the law today, and that’s got to change.”

Snowden continued: “The sad reality of today’s policies is that going to the inspector general with evidence of truly serious wrongdoing is often a mistake. Going to the press involves serious risks, but at least you’ve got a chance.”

Financially ruined

Thomas Drake’s legal ordeal ruined him financially and ended in 2011 with all serious accusations against him dropped. His case served as a prologue to Snowden’s. Now Crane’s account has led to a new investigation at the US justice department into whistleblower retaliation at the Pentagon that may serve as an epilogue – one Crane hopes will make the Pentagon a safe place for insiders to expose wrongdoing and illegality.

“If we have situations where we have whistleblowers investigated because they’re whistleblowers to the inspector general’s office, that will simply shut down the whole whistleblower system,” Crane told the Guardian.

Crane, who has not previously given interviews, has told his explosive story in a new book, Bravehearts: Whistle Blowing In The Age of Snowden by Mark Hertsgaard, from which the Guardian is running extracts. 

“When someone becomes a whistleblower, they’re making a serious, conscious decision,” Crane said. “They’re making a decision that can change their lives, change their futures, impact family life, too. There needs to be this certain unbreakable trust. Confidentiality is that trust and that can’t ever be violated.”

Snowden cited Drake’s case as a reason for his lack of faith in the government’s official whistleblower channels. “When I was at NSA, everybody knew that for anything more serious than workplace harassment, going through the official process was a career-ender at best. It’s part of the culture,” Snowden told the Guardian. “If your boss in the mailroom lies on his timesheets, the IG might look into it. But if you’re Thomas Drake, and you find out the president of the United States ordered the warrantless wiretapping of everyone in the country, what’s the IG going to do? They’re going to flush it, and you with it.”

While Drake’s case is well known in US national security circles, its internal history is not.

Major source

In 2002, Drake and NSA colleagues contacted the Pentagon inspector general to blow the whistle on an expensive and poorly performing tool, Trailblazer, for mass-data analysis. Crane, head of the office’s whistleblower unit, assigned investigators. For over two years, with Drake as a major source, they acquired thousands of pages of documents, classified and unclassified, and prepared a lengthy secret report in December 2004 criticizing Trailblazer, eventually helping to kill the program. As far as Crane was concerned, the whistleblower system was working.

But after an aspect of the NSA’s warrantless mass surveillance leaked to the New York Times, Drake himself came under investigation and eventually indictment. Drake was suspected of hoarding documentation – exactly what inspector-general investigators tell their whistleblowers to do.

“They made it clear to keep [documents] wherever possible, and obviously properly handle anything that was classified,” Drake remembered.

Crane feared that his own colleagues had told the FBI about Drake. He suspected the Pentagon inspector general’s lead attorney, Henry Shelley, whom Crane said had earlier suggested working with the justice department about the leak, had done so. A confrontation yielded what Crane considered to be evasions.

“The top lawyer would not reveal to me whether or not Drake’s confidentiality had been compromised or not. That was a concern … Normally I expect direct answers,” Crane said.

When Drake’s attorneys sought potentially exculpatory information from the inspector general’s office, they learned that much of it had been “destroyed before the defendant was charged, pursuant to a standard document destruction policy”, according to a 2011 letter from prosecutors.

Crane was livid. All relevant regulations mandated keeping the documents, not destroying them. But a high-ranking colleague, Lynne Halbrooks, prevented Crane from investigating the document destruction. He suspected Shelley and Halbrooks of sacrificing a whistleblower and misleading the justice department and a federal judge, all in a case centering around the cover-up of NSA bulk surveillance.

Forced out

Crane’s relationship with his superiors spiraled downward until they forced him out in 2013, months before Snowden’s revelations. The next year, he filed a complaint with a federal agency that works with whistleblowers, the Office of Special Counsel. In March this year, it found a “substantial likelihood” that the Pentagon inspector general’s office improperly destroyed the Drake documents and arranged, with Pentagon consent, for the justice department inspector general to investigate.

Shelley, still the Pentagon inspector general’s senior counsel, declined to answer questions but said he was “certain my name will be cleared” by the new investigation.

Halbrooks, the Office of Special Counsel and the justice department inspector general declined to comment for this story. Bridget Serchak, a spokeswoman for the Pentagon inspector general, noted that her office and the Office of Special Counsel jointly requested the justice department investigation. “It is important to point out that there has been no determination on the allegations, and it is unfair to characterize the allegations otherwise at this point. DoD OIG will cooperate fully with the DoJ OIG’s investigation of this matter and looks forward to the results of that investigation,” Serchak said.

Crane considers this latest inquiry a bellwether for whether the whistleblower system can reform itself in a post-Snowden era.

“Snowden responded to the way Drake was handled. The Office of Special Council investigation regarding destruction of possibly exculpatory documents regarding Drake might be the end of this saga,” Crane said.

Guardian:

« NATO Tools Up For Cybewar
Hackers Target Vulnerabilities Across US Politics »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

FT Cyber Resilience Summit: Europe

FT Cyber Resilience Summit: Europe

27 November 2024 | In-Person & Digital | 22 Bishopsgate, London. Business leaders, Innovators & Experts address evolving cybersecurity risks.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Virus Bulletin

Virus Bulletin

Virus Bulletin is an online security information portal and certification body, providing users with independent intelligence about the latest developments in the global threat landscape.

GFI Software

GFI Software

GFI Software works with System Administrators, IT Professionals and IT Executives to ensure that their IT infrastructures are monitored, managed, secured and compliant.

a1qa

a1qa

a1qa specializes in the delivery of full-cycle software QA and application testing services.

Verlingue

Verlingue

Verlingue (formerly ICB Group) is a leading corporate insurance broker providing Insurance, Risk Management and related advice to businesses and private clients.

ISGroup (Information Security Group)

ISGroup (Information Security Group)

ISGroup services include network penetration testing, Web application penetration testing, ethical hacking, vulnerability assessments, code review and associated training.

Invensity

Invensity

INVENSITY is an interdisciplinary technology and innovation consulting company. Centres of excellence include Cyber Security and Data Privacy.

Mvine

Mvine

Mvine's primary business is authoring and selling Cyber-Secure Platforms for Collaboration Portals and for Identity Management as well as delivering cloud support services.

Consensys

Consensys

ConsenSys is a global blockchain company. We develop enterprise applications, invest in startups, build developer tools, and offer blockchain education.

GrayMatter

GrayMatter

GrayMatter provides Advanced Industrial Analytics, OT Cybersecurity, Digital Transformation and Automation & Control services to clients across the U.S. and Canada.

Kennedys

Kennedys

Kennedys is a global law firm with expertise in litigation/dispute resolution and advisory services, particularly in the insurance/reinsurance and liability sectors, including cyber risk.

Blink Ops

Blink Ops

Blink helps security teams streamline everyday workflows and protect your organization better.

DART Consulting & Training

DART Consulting & Training

DART is a leading cyber training and consultancy company. We enhance our clients’ cyber capabilities by growing and strengthening their frontline defense – the cyber teams.

Dotsquares

Dotsquares

Dotsquares leverage the latest web and mobile technologies to build, grow and support your business.

Kolide

Kolide

Kolide ensures that if a device isn't secure, it can't access your apps.

Insane Cyber

Insane Cyber

Insane Cyber make cybersecurity easier to manage through automated, easy-to-use software and expert support and partnership.

WaveLink

WaveLink

WaveLink offers low risk, results-oriented Engineering Services and best-of-class Technical Support Services. Areas of expertise include cyber and security engineering.