I wrote a few days ago about the connection between the owner of the Washington Post – leak central for the so-called “deep state” campaign against the Trump administration – and the CIA.
In 2013, Jeff Bezos, CEO of Amazon, made two major moves at virtually the same time. He bid successfully for a $600 million cloud services contract with the CIA. And he bought the Washington Post. As highlighted in my earlier post, Barack Obama made a presidential appearance at an Amazon fulfillment center in the middle of those twin commercial dramas – a controversial event that political observers thought was odd at the time, due to the antagonism of labor advocates toward Amazon.
Political observers thought it was odd, perhaps. But tech-industry reporters could have explained the matter to them. It would have been no surprise to those who tracked developments in cloud computing. Amazon’s Web Services division, or AWS, gave Bezos half of his very big 2013 because 2013 came in the wake of a very fruitful 2012.
Will this presidential election be the most important in American history?
That fruitfulness was because 2012 was the year AWS and its cloud services package worked directly for Obama. AWS powered the famous Obama for America digital campaign model: the one that tracked and predicted the behavior of millions of voters. The AWS cloud wasn’t just a convenient vehicle for Obama for America’s digital operations. It was the game-changer. According to the participants at the time, it made all the difference. It showed what could really be accomplished through harvesting and manipulating “big data,” with on-the-fly agility.
Don’t forget that “big data” hook. But take a moment to ponder the point that Obama for America’s cloud services contractor went on the next year to get the 10-year cloud services contract with the CIA. At the same time, the contractor’s owner became the owner of the Washington Post.
There’s more. The rest of the intelligence community (IC) was also getting on the cloud-computing bandwagon. And by 2015, even agencies (like NSA) that had contracted with other vendors for cloud services were shifting their client operations to AWS. The AWS contract with the CIA covers services for all 17 of the agencies in the IC, including NSA and the intel operations of the DOJ/FBI.
Today, the migration to a shared cloud in the IC has advanced considerably. Amazon’s AWS operates that private IC cloud for the clients 24/7. For many routine purposes, the AWS cloud is the way analysts and agencies pull data, collaborate, and manipulate it.
There’s quite a sizable moral hazard here already, with a single owner of both the Washington Post and the cloud-services contractor for the entire intelligence community. (AWS also has cloud services contracts with other government agencies, including DOD and HHS.) But back on that “big data” hook. The interesting thing about it is that it is a common thread running through each act and actor in our drama.
A big data thread
The Obama for America campaign made a very big deal of it, as it applies to voters and on-the-ground politics. In 2017, we are already seeing, with the retooled “Organizing for Action” non-profit –what Obama for America became in 2013, after the 2012 election was over – the same intense and distinctive organizing outreach the 2012 campaign was famous for. (And for what it’s worth, Organizing for Action’s online presence was hosted by Amazon Web Services up through at least 2015. OFA moved to a different domain registrar and hosting service in December 2016.)
Amazon, meanwhile, has always been about big data. Big data – tracking you, the customer, and knowing your wants and habits before you figure them out yourself – is Amazon’s bread and butter. There’s a meaningful sense in which Amazon is big data, and was made by big data. (See here and here for reasons why that makes some folks very uneasy about the Amazon cloud venture with the IC.)
The intel community, for its part, has been increasingly invested in big data since at least the mid-1990s. It got a major jolt for collecting big data from the aftermath of 9/11. And this next point can’t be overemphasized: the intel cycle paradigm shifted after 9/11 from priority- and event-driven collection to event-driven data retrieval, with collection as an ongoing, environmental condition. (For a fairly deep dive into this, see my 2015 commentary on the big-data focus of the Jade Helm exercise.)
The intel data coffers are being filled constantly now, with whatever is out there that can be recorded in some way. The IC agencies then pull from the unfathomably huge data stores when a priority or event comes along.
That is understandably alarming to many citizens, whenever it comes up for political criticism. I don’t like it myself. But in that way, intel has become more and more like the Obama model for political organizing, and the Amazon model for commercial insight.
It’s not just legitimate, it’s essential to think about what that may mean, when (a) Obama-type organizers, (b) Jeff Bezos’s Amazon, and (c) the intel community are all linked through a data cloud contract.
And it’s extra-special when there’s a handy spigot out one end – the Washington Post – owned by the guy in the middle.
Factors in aggravation
Now add three more factors that we know about. One, officials in the intel community have already made illegal disclosures to the Washington Post. Regardless of how they came by the information they claim to have about Mike Flynn, and what they claim it is, it’s illegal for them to tell a WaPo reporter about it. So we know there are IC officials willing to commit illegal acts with protected data.
It thus cannot be credibly argued that, hey, no one is going to actually do that. It’s already been done. It could most certainly be a vulnerability for the IC cloud operated by Amazon AWS. Indeed, that vulnerability may already have been weaponized in the attack on Flynn.
Factor two is the reporting that Obama aides, besides “community organizing” for “resistance,” are operating a form of “shadow government,” intended to thwart the Trump administration at every turn. IC officials are reported to be part of this effort (see links at my earlier post, from the first paragraph).
The third factor is an arcane change in rules for the intel community, signed by James Clapper and Loretta Lynch in the very last weeks of the Obama administration. This change is significant because it’s about how the IC accesses, and protects, big data.
The protections under U.S. law for the personal information of presumed-innocent Americans, which is now routinely and constantly collected by eavesdropping agencies (NSA and the FBI), have been substantially weakened over the last 15 years. But the rules change made by Clapper and Lynch, who signed a revision to Executive Order 12333 on 15 December 2016 and 3 January 2017, respectively, basically guts those protections in any practical sense.
The new language tells NSA to take initiative to notify other agencies of “unminimized” data they might find useful, any of which could be about American citizens. And in effect, it formally authorizes a practice skeptics have long warned the IC is engaging in anyway, through the “back door”: letting other agencies retrieve raw data – not “metadata,” and not filtered or “minimized” data, but identifying content – which NSA has collected on millions of unwitting targets.
The means for this kind of data retrieval are in place. The IC has been using an internal search engine for several years now called ICREACH, described as a “Google for intelligence.” Its purpose was precisely to streamline retrieval and manipulation of NSA’s huge data stores. With the Amazon-operated cloud in place, the IC agencies are increasingly connected at a level that supports such rapid, tailored data retrieval and analysis.
Something amiss here
I don’t have the space for a lengthy discussion here, but three things that really bother me about this rule change are worth mentioning (besides the obvious point that it guts the fragile remaining protections for Americans’ private information).
One, the timing is uncanny, in light of the timeline of the Mike Flynn drama. There is enough about the inexplicable back and forth of the Flynn drama to make it questionable just exactly how it was turned into a “thing” in the first place. It bears looking into, and so does the 12333 revision – for interlinked reasons.
Two, the revision to E.O. 12333 is a major one, but it was made in the form of an interagency document, and not a new presidential order. Previous revisions to 12333 were made by new presidential executive orders. It doesn’t look good for transparency, for the Clapper-Lynch revision to be signed at their level, and so quietly.
And three, the possibility that leaps out at a skeptical observer is that 12333 was quietly revised to keep big-data searches in place, even after the scheduled 2017 sunset of a similar, but more restrictive, formal authorization of those searches under the 2008 FISA Amendments Act.
Taken all together, these factors are structural vulnerabilities that invite abuse. This mess really needs a congressional investigation. President Trump could promptly revoke the 12333 revision, and I hope he will. America is overdue as well for a thorough public food fight over big data versus the Fourth Amendment.
But we need to get to the bottom of who is making illegal disclosures of sensitive information from the intelligence community. And, although I’m not a fan of making a new law every time something untoward comes up, I do think that no one should be allowed to both own a major media outlet and operate privileged IT services for government agencies. It should be one or the other. You buy the media outlet – you give up your eligibility to operate an IT cloud for the managers of the nation’s most sensitive data repository.
