These notes have been prompted by the news that two former BND Presidents have called for "a new technical intelligence service based on the models of NSA in the US and GCHQ in the UK" and for the intelligence services to be resubordinated from the Chancellor to the MOD. A link to this story is here. (They also suggest that the German oversight regime is burdensome and that new legislation is needed in Germany for interception, but this is an area in which the national context makes comparison with other countries difficult.)
I don't think that there's a "right model" for the structure of intelligence services in different countries but there are some points worth considering.
The first is that the US isn't a model for any other country: nobody else can even begin afford such a massive structure with so much overlap (redundancy? - you pay your money and you take your choice). The fact that even the US Coastguard has its own Sigint service illustrates this point.
The second is whether Sigint and Humint ought to be part of one organisation. The UK model works for the UK but is a product of the way intelligence and security were organised after the First World War (when SIS was on the Secret Vote and GC&CS on the Open Vote) rather than of any great and lasting axiom. In recent years there have been moves to streamline support functions across the agencies where it makes sense, and to have senior members of staff do tours in each other's organisations, but as an aid to understanding and to introduce new ways of thinking rather than as a prelude to some sort of merger.
So I don't think that there's any reason in principle to insist that Sigint and Humint must be part of separate agencies; but I do think that they need to be separate within their agencies below the 'very senior management' level. That's because they are fundamentally different disciplines, meeting only at the point of producing intelligence. To generalise, but not, I believe, to caricature: Humint depends on maximum security to preserve the anonymity of its sources. If the Foreign Minister of Ruritania is secretly passing information to your service, you really, really don't want the fact to be common knowledge within it, and the effort that will go into de-sourcing and sanitising the intelligence produced from what he gives your agency, and controlling its handling outside will be critical. Within the intelligence production part of a Sigint agency, on the other hand, information sharing is just as critical. The starting point for Sigint production is knowing what communications links are available to you, and whether they might carry the potential sources of the intelligence you have been tasked with producing: that's a corporate task, not the work of an individual.
And to generalise once again: Humint and Sigint need teams with different mixes of people. Sigint will do best when it has a lot of deeply analytic people who will look at very large datasets methodically and not rush to judgement; Humint officers will often be people who able to make crucial decisions on the fly, trusting that their instincts are sufficiently developed and informed to generate good decisions. Sigint decisions are made once all relevant information has been considered; Humint decisions are made once enough information has been considered. Of course each discipline needs a good mix of personality types, but there is a fundamental difference in information processing between the two.
This means that for each of Sigint and Humint to be able to flourish in one agency, they have to be largely autonomous. Neither Humint nor Sigint is 'better' than the other: in fact they aren't really comparable. At different times there might be different emphasis put on the two disciplines and resource for one might be increased at the expense of the other, but the way they work, the timescales in which they plan, they way their product is disseminated, and the relationships they have with agencies in other countries is fundamentally different.
It goes without saying, I hope, that the process of assessment of Sigint and Humint, and the production of a considered all source view should be carried out of the agency or agencies that have produced the original intelligence.
As far as subordination is concerned: I think the vast majority of national intelligence agencies are responsible to their Ministers of Defence, and all have a greater or lesser military element as part of their structure. I think this is an area in which the national context is important, but in my opinion British Sigint was fortunate that GC&CS was transferred from the Admiralty to the Foreign Office in 1921, that control of all but the tactical activity of service Sigint elements became the responsibility of GCHQ during the Second World War, and that all service Sigint became formally part of GCHQ under section 3 (3) of the Intelligence Services Act of 1994
'In this Act the expression “GCHQ” refers to the Government Communications Headquarters and to any unit or part of a unit of the armed forces of the Crown which is for the time being required by the Secretary of State to assist the Government Communications Headquarters in carrying out its functions.'
This doesn't absolve GCHQ of having to produce the intelligence required by the UK and allied military, and it adds a cost of having to embed GCHQ civilian staff with military formations to make sure that the right intelligence is being produced and disseminated to those who need it, but being outside the chain of command, deploying rank-less civilians, and controlling the development of the technical facilities it deploys give GCHQ a flexibility that it is hard to imagine if the military still "owned" Sigint. This is only an opinion, but it is an informed opinion about Sigint in the UK: I have seen how military-managed Sigint works in NATO allies, and it can work just as well; but the context in which capabilities have been developed is very different.
I haven't talked about communications security/information assurance/cyber here: I'll address that soon. Responsibility for it in the UK was changed a couple of times in the twentieth century but it eventually returned to the UK's national Sigint organisation as a conscious change.
No comments:
Post a Comment