Chris Anderson: We had Edward Snowden here a couple days ago, and this is response time. And several of you have written to me with questions to ask our guest here from the NSA. So Richard Ledgett is the 15th deputy director of the National Security Agency, and he's a senior civilian officer there, acts as its chief operating officer, guiding strategies, setting internal policies, and serving as the principal advisor to the director. And all being well, welcome, Rick Ledgett, to TED. (Applause)
Kris Anderson: Edvard Snouden je bio ovde pre par dana, i sad je vreme za odgovor. Nekoliko vas mi je poslalo pitanja za našeg gosta iz NSA. Ričard Ledžet je 15. zamenik direktora agencije za državnu bezbednost, i viši civilni službenik, radi kao izvršni rukovodilac, vodi strategije, postavlja interna pravila i glavni je savetnik direktora. I ako je sve u redu, poželimo Riku Ledžetu dobrodošlicu na TED. (Aplauz)
Richard Ledgett: I'm really thankful for the opportunity to talk to folks here. I look forward to the conversation, so thanks for arranging for that.
Ričard Ledžet: Hvala vam na prilici da vam se obratim. Radujem se razgovoru, hvala što ste ovo organizovali.
CA: Thank you, Rick. We appreciate you joining us. It's certainly quite a strong statement that the NSA is willing to reach out and show a more open face here. You saw, I think, the talk and interview that Edward Snowden gave here a couple days ago. What did you make of it? RL: So I think it was interesting. We didn't realize that he was going to show up there, so kudos to you guys for arranging a nice surprise like that. I think that, like a lot of the things that have come out since Mr. Snowden started disclosing classified information, there were some kernels of truth in there, but a lot of extrapolations and half-truths in there, and I'm interested in helping to address those. I think this is a really important conversation that we're having in the United States and internationally, and I think it is important and of import, and so given that, we need to have that be a fact-based conversation, and we want to help make that happen.
KA: Hvala Vama, Rik. Cenimo to što ste nam se pridružili. Volja NSA da se javi i pokaže otvorenost ovde ostavlja snažan utisak. Mislim da ste videli govor i intervju sa Edvardom Snoudenom od pre par dana. Šta mislite o tom govoru? RL: Mislim da je bio zanimljiv. Nismo znali da će se on pojaviti, bravo za vas što ste priredili jedno tako lepo iznenađenje. Kao i mnoge stvari koje su izašle na videlo od kad je gospodin Snouden počeo da objavljuje poverljive informacije, mislim da je tu bilo dosta istinitih delova, ali i dosta zaključaka i poluistina, i želim da pomognem u njihovom razjašnjavanju. Mislim da je ovaj razgovor koji vodimo u SAD-u i internacionalno veoma važan, mislim da je od značaja, i pošto je tako, on mora da bude zasnovan na činjenicama, a mi želimo u tome da pomognemo.
CA: So the question that a lot of people have here is, what do you make of Snowden's motivations for doing what he did, and did he have an alternative way that he could have gone?
KA: Ono što se mnogi ovde pitaju je, šta mislite o Snoudenovim motivima da uradi to što je uradio, i da li je mogao da ide nekim drugim putem?
RL: He absolutely did have alternative ways that he could have gone, and I actually think that characterizing him as a whistleblower actually hurts legitimate whistleblowing activities. So what if somebody who works in the NSA -- and there are over 35,000 people who do. They're all great citizens. They're just like your husbands, fathers, sisters, brothers, neighbors, nephews, friends and relatives, all of whom are interested in doing the right thing for their country and for our allies internationally, and so there are a variety of venues to address if folks have a concern. First off, there's their supervisor, and up through the supervisory chain within their organization. If folks aren't comfortable with that, there are a number of inspectors general. In the case of Mr. Snowden, he had the option of the NSA inspector general, the Navy inspector general, the Pacific Command inspector general, the Department of Defense inspector general, and the intelligence community inspector general, any of whom would have both kept his concerns in classified channels and been happy to address them. (CA and RL speaking at once) He had the option to go to congressional committees, and there are mechanisms to do that that are in place, and so he didn't do any of those things.
RL: Apsolutno je imao drugačije puteve kojima je mogao krenuti, i mislim da opisivanje njega kao uzbunjivača šteti legitimnim uzbunjivačkim aktivnostima. Šta ako neko ko radi za NSA - a ima 35.000 zaposlenih. Oni su svi dobri građani. Oni su kao vaši muževi, očevi, sestre, braća, komšije, sestrići, prijatelji, rođaci, i svi žele da urade ispravnu stvar za svoju zemlju i za naše međunarodne saveznike, tako da postoji mnoštvo načina da se rešavaju brige ako postoje. Prvo, tu je njihov nadređeni, i lanac nadređenih unutar njihove organizacije. Ako ljudima to ne odgovara, postoji mnoštvo nadzornih organa. U ovom slučaju, gospodin Snouden je imao opciju nadzornog organa NSA, nadzornog organa mornarice, nadzornog organa pacifičke komande, Ministarstva odbrane, kao i obaveštajne zajednice, i svaki od njih bi njegovu zabrinutost zadržao u poverljivim kanalima i rado bi se njima pozabavio. (KA i RL govore uglas) Imao je opciju da se obrati kongresnom komitetu, postoje mehanizmi za to, a on ništa od toga nije uradio.
CA: Now, you had said that Ed Snowden had other avenues for raising his concerns. The comeback on that is a couple of things: one, that he certainly believes that as a contractor, the avenues that would have been available to him as an employee weren't available, two, there's a track record of other whistleblowers, like [Thomas Andrews Drake] being treated pretty harshly, by some views, and thirdly, what he was taking on was not one specific flaw that he'd discovered, but programs that had been approved by all three branches of government. I mean, in that circumstance, couldn't you argue that what he did was reasonable?
KA: Rekli ste da je Ed Snouden imao drugih načina da izrazi svoju zabrinutost. Postoji nekoliko odgovora na to: prvo, on veruje da kao radnik po ugovoru nije imao iste načine koje imaju redovni zaposleni, drugo, zna se da su drugi uzbunjivači kao što je Tomas Endrus Drejk, po nekim mišljenjima, tretirani prilično oštro, i treće, on se nije bavio jednom određenom manom koju je otkrio, nego programima koje su odobrile sve tri grane vlade. U takvim okolnostima, zar ne mislite da je ono što je uradio bilo razumno?
RL: No, I don't agree with that. I think that the — sorry, I'm getting feedback through the microphone there — the actions that he took were inappropriate because of the fact that he put people's lives at risk, basically, in the long run, and I know there's been a lot of talk in public by Mr. Snowden and some of the journalists that say that the things that have been disclosed have not put national security and people at risk, and that is categorically not true. They actually do. I think there's also an amazing arrogance to the idea that he knows better than the framers of the Constitution in how the government should be designed and work for separation of powers and the fact that the executive and the legislative branch have to work together and they have checks and balances on each other, and then the judicial branch, which oversees the entire process. I think that's extremely arrogant on his part.
RL: Ne, ne slažem se s tim. Mislim da - izvinite, čujem eho kroz mikrofon - njegovi postupci nisu bili primereni jer je ugrozio živote ljudi, na duge staze, i znam da u javnosti, gospodin Snouden i neki novinari govore da stvari koje je razotkrio nisu ugrozile državnu bezbednost i živote ljudi, i kategorički tvrdim da to nije istina. Ugrozile su. Takođe mislim da postoji mnogo arogancije u ideji da on zna bolje od onih koji su doneli Ustav o tome kako bi vlada trebalo da izgleda i radi na razdvajanju moći i činjenice da izvršni i zakonodavni organak moraju da rade zajedno i proveravaju jedan drugog, a potom i sudski ogranak koji nadgleda ceo proces. Mislim da je to veoma arogantno s njegove strane.
CA: Can you give a specific example of how he put people's lives at risk?
KA: Da li možete da date konkretan primer rizika kojima je izložio ljude?
RL: Yeah, sure. So the things that he's disclosed, the capabilities, and the NSA is a capabilities-based organization, so when we have foreign intelligence targets, legitimate things of interest -- like, terrorists is the iconic example, but it includes things like human traffickers, drug traffickers, people who are trying to build advanced weaponry, nuclear weapons, and build delivery systems for those, and nation-states who might be executing aggression against their immediate neighbors, which you may have some visibility into some of that that's going on right now, the capabilities are applied in very discrete and measured and controlled ways. So the unconstrained disclosure of those capabilities means that as adversaries see them and recognize, "Hey, I might be vulnerable to this," they move away from that, and we have seen targets in terrorism, in the nation-state area, in smugglers of various types, and other folks who have, because of the disclosures, moved away from our ability to have insight into what they're doing. The net effect of that is that our people who are overseas in dangerous places, whether they're diplomats or military, and our allies who are in similar situations, are at greater risk because we don't see the threats that are coming their way.
RL: Da, naravno. Ono što je otkrio, sposobnosti, a NSA je organizacija zasnovana na sposobnostima, pa kad su nam mete strane obaveštajne službe, legitimne stvari od interesa - teroristi su klasičan primer, ali i trgovci ljudima, trgovci drogom, ljudi koji pokušavaju da naprave napredno i nuklearno oružje, i sisteme koji ih omogućavaju, države koje ispoljavaju agresiju prema svojim susedima, možda imate nekog uvida u neke od tih stvari koje se trenutno dešavaju, te sposobnosti se primenjuju na veoma diskretne, precizne i kontrolisane načine. I neometano otkrivanje tih sposobnosti znači da kad ih protivnici vide i prepoznaju da mogu biti njima izloženi, oni će se povući, i viđali smo teroriste u nekim državama, ili razne krijumčare i druge, koji su se, zbog tih otkrića, povukli i mi više nismo u mogućnosti da imamo uvid u ono što rade. Posledica toga je da su naši ljudi koji se nalaze na opasnim mestima, bilo da su diplomate ili vojnici, ali i saveznici u sličnim situacijama, izloženi većem riziku jer mi ne vidimo pretnje kojima su izloženi.
CA: So that's a general response saying that because of his revelations, access that you had to certain types of information has been shut down, has been closed down. But the concern is that the nature of that access was not necessarily legitimate in the first place. I mean, describe to us this Bullrun program where it's alleged that the NSA specifically weakened security in order to get the type of access that you've spoken of.
KA: Dakle, to je opšti odgovor, koji kaže da je zbog njegovih otkrića, vaš pristup određenim informacijama je prekinut, zatvoren. Ali zabrinutost je u vezi s tim što taj pristup nije od samog početka bio legalan. Mislim, objasnite nam program "Bullrun" koji navodi da je NSA namerno oslabila bezbednost da bi dobila upravo taj pristup o kom govorite.
RL: So there are, when our legitimate foreign intelligence targets of the type that I described before, use the global telecommunications system as their communications methodology, and they do, because it's a great system, it's the most complex system ever devised by man, and it is a wonder, and lots of folks in the room there are responsible for the creation and enhancement of that, and it's just a wonderful thing. But it's also used by people who are working against us and our allies. And so if I'm going to pursue them, I need to have the capability to go after them, and again, the controls are in how I apply that capability, not that I have the capability itself. Otherwise, if we could make it so that all the bad guys used one corner of the Internet, we could have a domain, badguy.com. That would be awesome, and we could just concentrate all our efforts there. That's not how it works. They're trying to hide from the government's ability to isolate and interdict their actions, and so we have to swim in that same space. But I will tell you this. So NSA has two missions. One is the Signals Intelligence mission that we've unfortunately read so much about in the press. The other one is the Information Assurance mission, which is to protect the national security systems of the United States, and by that, that's things like the communications that the president uses, the communications that control our nuclear weapons, the communications that our military uses around the world, and the communications that we use with our allies, and that some of our allies themselves use. And so we make recommendations on standards to use, and we use those same standards, and so we are invested in making sure that those communications are secure for their intended purposes.
RL: Kada naše legitimne mete stranih obaveštajnih službi, koje sam ranije opisao, koriste globalni telekomunikacioni sistem kao svoju metodologiju komunikacije, a koriste ga, jer je to sjajan sistem, najsloženiji sistem koji je čovek napravio, i pravo čudo, i mnogi tu u prostoriji su zaslužni za njegovu izradu i razvoj, i to je sjajna stvar. Ali koriste ga i ljudi koji rade protiv nas i naših saveznika. I ako želim da ih nađem, moram da imam mogućnost da ih tražim, i ponavljam, kontrola je u tome kako primenjujem te mogućnosti, a ne u činjenici da imam mogućnost. Inače, kad bismo mogli da napravimo da loši momci koriste jedan deo interneta, imali bismo domen losmomak.com. To bi bilo odlično i mogli bismo da fokusiramo naše snage na to. Ali to ne funkcioniše tako. Oni pokušavaju da se sakriju od vladinih mogućnosti da izoluje i zabrani njihove postupke, pa moramo da se nalazimo u istom prostoru. Ali reći ću vam nešto. NSA ima dve misije. Jedna je "Signals Intelligence", o kojoj smo nažalost mnogo čitali u štampi. Druga je "Information Assurance", koja štiti sisteme državne bezbednosti SAD-a, pod to spada komunikacija predsednika, komunikacija koja štiti naše nuklearno naoružanje, komunikacija koju naša vojska koristi širom sveta, i komunikacija koju koristimo sa našim saveznicima, kao i neka koju oni sami koriste. Mi preporučujemo standarde za korišćenje, i mi koristimo iste te standarde i stalo nam je do toga da je ta komunikacija sigurna u svojoj svrsi.
CA: But it sounds like what you're saying is that when it comes to the Internet at large, any strategy is fair game if it improves America's safety. And I think this is partly where there is such a divide of opinion, that there's a lot of people in this room and around the world who think very differently about the Internet. They think of it as a momentous invention of humanity, kind of on a par with the Gutenberg press, for example. It's the bringer of knowledge to all. It's the connector of all. And it's viewed in those sort of idealistic terms. And from that lens, what the NSA has done is equivalent to the authorities back in Germany inserting some device into every printing press that would reveal which books people bought and what they read. Can you understand that from that viewpoint, it feels outrageous?
KA: Ali zvuči kao da govorite da je, kad se radi o internetu, bilo kakva strategija fer ako povećava sigurnost Amerike. Mislim da delom zbog toga dolazi do tolikog razilaženja u mišljenjima, mnogi u ovoj prostoriji i širom sveta drugačije razmišljaju o internetu. Oni ga smatraju važnim izumom čovečanstva, na nivou Gutenbergove štamparske prese, na primer. On znanje čini dostupnim svima. Povezuje sve ljude. I posmatra se idealistički. U tom kontekstu, postupci NSA jednaki su postupcima nemačke vlade koja je u svaku štamparsku presu ubacivala uređaj koji je otkrivao koje knjige ljudi kupuju i šta čitaju. Da li razumete da, iz te tačke gledišta, to deluje šokantno?
RL: I do understand that, and I actually share the view of the utility of the Internet, and I would argue it's bigger than the Internet. It is a global telecommunications system. The Internet is a big chunk of that, but there is a lot more. And I think that people have legitimate concerns about the balance between transparency and secrecy. That's sort of been couched as a balance between privacy and national security. I don't think that's the right framing. I think it really is transparency and secrecy. And so that's the national and international conversation that we're having, and we want to participate in that, and want people to participate in it in an informed way. So there are things, let me talk there a little bit more, there are things that we need to be transparent about: our authorities, our processes, our oversight, who we are. We, NSA, have not done a good job of that, and I think that's part of the reason that this has been so revelational and so sensational in the media. Nobody knew who we were. We were the No Such Agency, the Never Say Anything. There's takeoffs of our logo of an eagle with headphones on around it. And so that's the public characterization. And so we need to be more transparent about those things. What we don't need to be transparent about, because it's bad for the U.S., it's bad for all those other countries that we work with and that we help provide information that helps them secure themselves and their people, it's bad to expose operations and capabilities in a way that allows the people that we're all working against, the generally recognized bad guys, to counter those.
RL: To razumem, i slažem se sa mišljenjem o korisnosti interneta, i rekao bih da je to i više od interneta. To je globalni komunikacioni sistem. Internet je veliki deo toga, ali postoji mnogo više. Mislim da su ljudi s pravom zabrinuti za balans između transparentnosti i tajnosti. To se predstavlja kao balans između privatnosti i državne bezbednosti. Mislim da to nije dobar okvir. Mislim da se zaista radi o transparentnosti i tajnosti. To je državni i međunarodni razgovor u kom želimo da učestvujemo i želimo da ljudi učestvuju sa pravim informacijama. Postoje stvari, dozvolite da kažem više, u vezi s kojima moramo biti transparentni: naše nadležnosti, naši procesi, naše greške, naš identitet. Mi, NSA, nismo to dobro radili, i mislim da je to deo razloga što je ovo bilo tako razotkrivajuće i tako senzacionalno u medijima. Niko nije znao ko smo. Bili smo Nikakva Stvarna Agencija, Nemi Smo Apsolutno. Postoje parodije našeg logoa, orao sa slušalicama. Tako nas javnost doživljava. Moramo da budemo transparentniji u vezi sa tim stvarima. Ono što ne moramo da otkrivamo, jer je loše po SAD, kao i za sve druge države s kojima radimo, i kojima pomažemo davanjem informacija koje im pomažu da zaštite sebe i svoj narod, loše je razotkriti operacije i mogućnosti na način da ljudi protiv kojih svi radimo, koji su poznati kao loši momci, mogu do njih da dođu.
CA: But isn't it also bad to deal a kind of body blow to the American companies that have essentially given the world most of the Internet services that matter? RL: It is. It's really the companies are in a tough position, as are we, because the companies, we compel them to provide information, just like every other nation in the world does. Every industrialized nation in the world has a lawful intercept program where they are requiring companies to provide them with information that they need for their security, and the companies that are involved have complied with those programs in the same way that they have to do when they're operating in Russia or the U.K. or China or India or France, any country that you choose to name. And so the fact that these revelations have been broadly characterized as "you can't trust company A because your privacy is suspect with them" is actually only accurate in the sense that it's accurate with every other company in the world that deals with any of those countries in the world. And so it's being picked up by people as a marketing advantage, and it's being marketed that way by several countries, including some of our allied countries, where they are saying, "Hey, you can't trust the U.S., but you can trust our telecom company, because we're safe." And they're actually using that to counter the very large technological edge that U.S. companies have in areas like the cloud and Internet-based technologies.
KA: Ali zar isto tako nije loše udariti američke kompanije koje su svetu dale većinu internet servisa koji su važni? RL: Jeste. Zapravo su te kompanije u teškoj poziciji, kao i mi, jer te kompanije, mi ih primoravamo da daju informacije, baš kao što svaka druga nacija na svetu radi. Svaka industrijalizovana država na svetu ima zakonski program presretanja, gde se zahteva od kompanija da obezbede informacije koje su potrebne zbog bezbednosti, i kompanije koje su uključene složile su se s tim programima, na isti način kao kad rade u Rusiji ili Britaniji, ili Kini, Indiji, Francuskoj, bilo kojoj zemlji koju zamislite. Činjenica da se ova otkrića naveliko karakterišu kao "ne možete verovati kompaniji A jer vaša privatnost nije sigurna kod njih" je tačna samo u smislu da je tačna u svakoj drugoj kompaniji na svetu koja radi sa nekom od tih zemalja. To su ljudi uzeli kao marketinšku prednost i nekoliko država to tako i predstavlja, uključujući i neke naše saveznike, koji govore: "Hej, ne možete verovati SAD-u, ali možete verovati našoj telekomunikacionoj kompaniji, jer smo mi bezbedni." To koriste da kontriraju velikoj tehnološkoj prednosti koju imaju američke kompanije u poljima "oblaka" i tehnologijama baziranim na internetu.
CA: You're sitting there with the American flag, and the American Constitution guarantees freedom from unreasonable search and seizure. How do you characterize the American citizen's right to privacy? Is there such a right?
KA: Sedite ispred američke zastave, a američki Ustav garantuje slobodu od neopravdanog pretresa i zaplene. Kako opisujete pravo američkih građana na privatnost? Da li tako nešto postoji?
RL: Yeah, of course there is. And we devote an inordinate amount of time and pressure, inordinate and appropriate, actually I should say, amount of time and effort in order to ensure that we protect that privacy. and beyond that, the privacy of citizens around the world, it's not just Americans. Several things come into play here. First, we're all in the same network. My communications, I'm a user of a particular Internet email service that is the number one email service of choice by terrorists around the world, number one. So I'm there right beside them in email space in the Internet. And so we need to be able to pick that apart and find the information that's relevant. In doing so, we're going to necessarily encounter Americans and innocent foreign citizens who are just going about their business, and so we have procedures in place that shreds that out, that says, when you find that, not if you find it, when you find it, because you're certain to find it, here's how you protect that. These are called minimization procedures. They're approved by the attorney general and constitutionally based. And so we protect those. And then, for people, citizens of the world who are going about their lawful business on a day-to-day basis, the president on his January 17 speech, laid out some additional protections that we are providing to them. So I think absolutely, folks do have a right to privacy, and that we work very hard to make sure that that right to privacy is protected.
RL: Da, naravno da postoji. Mi posvećujemo ogromnu količinu vremena i pritiska, u stvari trebalo bi da kažem, ogromnu i odgovarajuću količinu vremena i napora da osiguramo zaštitu te privatnosti, i dalje od toga, privatnost građana širom sveta, ne samo Amerikanaca. Nekoliko stvari je ovde u igri. Prvo, svi smo u istoj mreži. Moja komunikacija, ja koristim određeni internet imejl servis koji je prvi po izboru i terorista širom sveta. Ja se dakle nalazim odmah pored njih u imejl prostoru na internetu. Moramo biti sposobni da to razdvojimo i pronađemo značajne informacije. U tom procesu, neminovno ćemo sresti nevine američke i strane građane koji samo gledaju svoja posla, pa tako imamo procedure koje odvajaju, koje kažu, kad to pronađete, ne "ako" pronađete, jer ćete sigurno pronaći, evo kako da ih zaštitite. One se nazivaju procedure minimizacije. Odobrio ih je državni tužilac i zasnovane su na ustavu. Mi ih dakle štitimo. Potom, za ljude, građane sveta koji obavljaju svoje legalne poslove svakog dana, predsednik je u svom govoru 17. januara predstavio dodatne zaštite koje im obezbeđujemo. Mislim da ljudi apsolutno imaju prava na privatnosti, i mi naporno radimo da osiguramo da je to pravo zaštićeno.
CA: What about foreigners using American companies' Internet services? Do they have any privacy rights?
KA: Šta je sa strancima koji koriste internet usluge američkih kompanija? Da li oni imaju prava na privatnost?
RL: They do. They do, in the sense of, the only way that we are able to compel one of those companies to provide us information is when it falls into one of three categories: We can identify that this particular person, identified by a selector of some kind, is associated with counterterrorist or proliferation or other foreign intelligence target.
RL: Imaju. U smislu da je jedini način da primoramo neku od tih kompanija da nam da informacije, onda kada spada u jednu od tri kategorije: možemo uz pomoć nekog kriterijuma, da identifikujemo da je određena osoba, povezana sa protivterorizmom ili oružjem ili nekom drugom metom strane obaveštajne službe.
CA: Much has been made of the fact that a lot of the information that you've obtained through these programs is essentially metadata. It's not necessarily the actual words that someone has written in an email or given on a phone call. It's who they wrote to and when, and so forth. But it's been argued, and someone here in the audience has talked to a former NSA analyst who said metadata is actually much more invasive than the core data, because in the core data you present yourself as you want to be presented. With metadata, who knows what the conclusions are that are drawn? Is there anything to that?
KA: Mnogo se govori o činjenici da mnogo informacija koje ste skupili kroz ove programe čine metapodaci. To nisu obavezno konkretne reči koje je neko napisao u mejlu ili rekao preko telefona. Nego kome su pisali, kada, i tako dalje. Ali tvrdi se, i neko iz publike je razgovarao sa jednim bivšim analitičarem NSA koji je rekao da su metapodaci mnogo invazivniji od sadržaja, jer putem sadržaja se predstavljate onako kako želite. Sa metapodacima, ko zna kakvi se zaključci donose? Recite nešto o tome.
RL: I don't really understand that argument. I think that metadata's important for a couple of reasons. Metadata is the information that lets you find connections that people are trying to hide. So when a terrorist is corresponding with somebody else who's not known to us but is engaged in doing or supporting terrorist activity, or someone who's violating international sanctions by providing nuclear weapons-related material to a country like Iran or North Korea, is trying to hide that activity because it's illicit activity. What metadata lets you do is connect that. The alternative to that is one that's much less efficient and much more invasive of privacy, which is gigantic amounts of content collection. So metadata, in that sense, actually is privacy-enhancing. And we don't, contrary to some of the stuff that's been printed, we don't sit there and grind out metadata profiles of average people. If you're not connected to one of those valid intelligence targets, you are not of interest to us.
RL: Ne razumem baš tu tvrdnju. Mislim da su metapodaci važni iz par razloga. To su informacije koje vam omogućavaju da pronađete veze koje ljudi pokušavaju da sakriju. Dakle, kada neki terorista komunicira sa nekim ko nam nije poznat, ali je uključen u terorističke aktivnosti, ili s nekim ko krši međunarodne sankcije obezbeđujući materijal u vezi sa nuklearnim oružjem zemlji kao što je Iran ili Severna Koreja, i pokušava da te aktivnosti sakrije jer nisu dozvoljene. Metapodaci vam omogućavaju da to povežete. Alternativa je mnogo manje efikasna i mnogo više zadire u privatnost, a to je skupljanje ogromne količine sadržaja. Dakle, metapodaci, u tom smislu, povećavaju privatnost. I nasuprot mnogo čemu što je pisano, mi ne sedimo i ne pravimo profile metapodataka običnih ljudi. Ako niste povezani sa nekom proverenom metom, niste nam zanimljivi.
CA: So in terms of the threats that face America overall, where would you place terrorism?
KA: Kad su u pitanju sve pretnje s kojima se Amerika suočava, gde biste postavili terorizam?
RL: I think terrorism is still number one. I think that we have never been in a time where there are more places where things are going badly and forming the petri dish in which terrorists take advantage of the lack of governance. An old boss of mine, Tom Fargo, Admiral Fargo, used to describe it as arcs of instability. And so you have a lot of those arcs of instability in the world right now, in places like Syria, where there's a civil war going on and you have massive numbers, thousands and thousands of foreign fighters who are coming into Syria to learn how to be terrorists and practice that activity, and lots of those people are Westerners who hold passports to European countries or in some cases the United States, and so they are basically learning how to do jihad and have expressed intent to go out and do that later on in their home countries. You've got places like Iraq, which is suffering from a high level of sectarian violence, again a breeding ground for terrorism. And you have the activity in the Horn of Africa and the Sahel area of Africa. Again, lots of weak governance which forms a breeding ground for terrorist activity. So I think it's very serious. I think it's number one. I think number two is cyber threat. I think cyber is a threat in three ways: One way, and probably the most common way that people have heard about it, is due to the theft of intellectual property, so basically, foreign countries going in, stealing companies' secrets, and then providing that information to state-owned enterprises or companies connected to the government to help them leapfrog technology or to gain business intelligence that's then used to win contracts overseas. That is a hugely costly set of activities that's going on right now. Several nation-states are doing it. Second is the denial-of-service attacks. You're probably aware that there have been a spate of those directed against the U.S. financial sector since 2012. Again, that's a nation-state who is executing those attacks, and they're doing that as a semi-anonymous way of reprisal. And the last one is destructive attacks, and those are the ones that concern me the most. Those are on the rise. You have the attack against Saudi Aramco in 2012, August of 2012. It took down about 35,000 of their computers with a Wiper-style virus. You had a follow-on a week later to a Qatari company. You had March of 2013, you had a South Korean attack that was attributed in the press to North Korea that took out thousands of computers. Those are on the rise, and we see people expressing interest in those capabilities and a desire to employ them.
RL: Mislim da je još uvek na prvom mestu. Nikada nije postojalo vreme gde postoji toliko mesta na kojima se stvari loše odvijaju, i formiraju pogodno tlo gde teroristi iskorišćavaju nedostatak vlasti. Moj stari šef, admiral Tom Fargo, to je opisivao kao lukove nestabilnosti. Trenutno u svetu ima mnogo lukova nestabilnoti, na primer u Siriji, gde besni građanski rat i imate mnogo, hiljade i hiljade stranih vojnika koji dolaze u Siriju da nauče da budu teroristi i praktikuju te aktivnosti, i mnogi od njih su zapadnjaci sa pasošima evropskih zemalja, ponekad i SAD-a, i oni u osnovi uče kako da sprovode džihad i izjasnili su se da žele da kasnije to sprovedu u svojim zemljama. Imate mesta kao što je Irak, gde vlada visok stepen sektaškog nasilja, što je takođe pogodno mesto za terorizam. Imate i aktivnosti na rogu Afrike i u regiji Sahel. Ponovo, mnogo slabe vlasti koja je pogodno tlo za terorističke aktivnosti. Dakle, mislim da je to vrlo ozbiljno. Na prvom mestu. A na drugom su sajber pretnje. I to na tri načina: najčešći način, za koji su ljudi čuli, je usled krađe intelektualne svojine, u osnovi strane države kradu tajne od kompanija i potom te informacije dele sa državnim firmama ili kompanijama povezanim sa vladom, kako bi im pomogle u tehnološkom napretku ili sticanju poslovnih informacija koje potom koriste da dobiju poslove u inostranstvu. Te aktivnosti koje se trenutno odvijaju su veoma skupe. Nekoliko država ih čini. Na drugom mestu su napadi onemogućavanja pristupa. Verovatno znate da je mnoštvo njih upereno protiv američkog finansijskog sektora od 2012. Opet, neka država sprovodi te napade, i to čine kao poluanonimni način osvete. Poslednji su destruktivni napadi, i oni me najviše brinu. Oni su u porastu. 2012. je bio napad protiv kompanije Saudi Aramco, u avgustu 2012. Onesposobio je oko 35.000 njihovih računara virusom tipa Wiper. Nedelju dana kasnije isto se desilo jednoj katarskoj kompaniji. U martu 2013. napad iz Južne Koreje mediji su pripisali Severnoj Koreji, a on je onesposobio hiljade računara. Oni su u porastu, i vidimo da se ljudi interesuju za te mogućnosti i žele da ih sprovedu.
CA: Okay, so a couple of things here, because this is really the core of this, almost. I mean, first of all, a lot of people who look at risk and look at the numbers don't understand this belief that terrorism is still the number one threat. Apart from September 11, I think the numbers are that in the last 30 or 40 years about 500 Americans have died from terrorism, mostly from homegrown terrorists. The chance in the last few years of being killed by terrorism is far less than the chance of being killed by lightning. I guess you would say that a single nuclear incident or bioterrorism act or something like that would change those numbers. Would that be the point of view?
KA: U redu. Ovde ima par stvari, jer je ovo skoro srž stvari. Mislim, pre svega, mnogi koji gledaju rizik i brojeve ne razumeju ovo uverenje da je terorizam i dalje najveća pretnja. Osim 11. septembra, mislim da brojevi pokazuju da je u poslednjih 30 ili 40 godina oko 500 Amerikanaca poginulo usled terorizma, uglavnom od domaćih terorista. U poslednjih nekoliko godina, šansa za smrtni ishod usled terorizma je mnogo manja od šanse za smrtni ishod usled groma. Pretpostavljam da ćete reći da bi jedan nuklearni incident ili čin biološkog terorizma ili slično promenio te brojeve. Da li je to možda ugao posmatranja?
RL: Well, I'd say two things. One is, the reason that there hasn't been a major attack in the United States since 9/11, that is not an accident. That's a lot of hard work that we have done, that other folks in the intelligence community have done, that the military has done, and that our allies around the globe have done. You've heard the numbers about the tip of the iceberg in terms of numbers of terrorist attacks that NSA programs contributed to stopping was 54, 25 of those in Europe, and of those 25, 18 of them occurred in three countries, some of which are our allies, and some of which are beating the heck out of us over the NSA programs, by the way. So that's not an accident that those things happen. That's hard work. That's us finding intelligence on terrorist activities and interdicting them through one way or another, through law enforcement, through cooperative activities with other countries and sometimes through military action. The other thing I would say is that your idea of nuclear or chem-bio-threat is not at all far-fetched and in fact there are a number of groups who have for several years expressed interest and desire in obtaining those capabilities and work towards that.
RL: Rekao bih dve stvari. Prvo, razlog zašto u SAD nije bilo velikog napada od 11. septembra nije slučajnost. U to je uloženo mnogo našeg napornog rada, napornog rada drugih ljudi iz obaveštajne zajednice, vojske, i naših saveznika širom sveta. Čuli ste za brojeve koji označavaju vrh ledenog brega, broj terorističkih napada koje su programi NSA sprečili je 54, od toga 25 u Evropi, a od tih 25, 18 u tri države, od kojih su neke naši saveznici, a neke nas kritikuju zbog NSA programa. Dakle, nije slučajnost da se to dešava. To je naporan rad. Mi pronalazimo informacije o terorističkim aktivnostima i presrećemo ih na ovaj ili onaj način, zakonskim putem, kroz saradnju sa drugim državama, ponekad vojnim putem. Drugo što bih rekao je da vaša ideja o nuklearnoj ili biološkoj pretnji nije tako neverovatna, zapravo postoje određene grupe koje se godinama interesuju i žele da pribave takve mogućnosti i rade na tome.
CA: It's also been said that, of those 54 alleged incidents, that as few as zero of them were actually anything to do with these controversial programs that Mr. Snowden revealed, that it was basically through other forms of intelligence, that you're looking for a needle in a haystack, and the effects of these programs, these controversial programs, is just to add hay to the stack, not to really find the needle. The needle was found by other methods. Isn't there something to that?
KA: Takođe se govorilo da, od ta 54 navodna incidenta, nijedan od njih nije imao veze sa kontroverznim programima koje je gospodin Snouden otkrio, da zapravo kroz druge obaveštajne forme tražite iglu u plastu sena, a da su efekti tih programa, tih kontroverznih programa, samo da dodaju seno na plast, ne i da pronađu iglu. Igla je pronađena drugim metodama. Zar nema nečega u tome?
RL: No, there's actually two programs that are typically implicated in that discussion. One is the section 215 program, the U.S. telephony metadata program, and the other one is popularly called the PRISM program, and it's actually section 702 of the FISA Amendment Act. But the 215 program is only relevant to threats that are directed against the United States, and there have been a dozen threats where that was implicated. Now what you'll see people say publicly is there is no "but for" case, and so there is no case where, but for that, the threat would have happened. But that actually indicates a lack of understanding of how terrorist investigations actually work. You think about on television, you watch a murder mystery. What do you start with? You start with a body, and then they work their way from there to solve the crime. We're actually starting well before that, hopefully before there are any bodies, and we're trying to build the case for who the people are, what they're trying to do, and that involves massive amounts of information. Think of it is as mosaic, and it's hard to say that any one piece of a mosaic was necessary to building the mosaic, but to build the complete picture, you need to have all the pieces of information. On the other, the non-U.S.-related threats out of those 54, the other 42 of them, the PRISM program was hugely relevant to that, and in fact was material in contributing to stopping those attacks.
RL: Ne, postoje dva programa koja se pominju u tim diskusijama. Jedan je program Člana 215, program metapodataka američke telefonije, a drugi je popularno nazvan program PRIZMA, koji je u stvari Član 702 Amandmana FISA zakona. Ali program Člana 215 se odnosi samo na pretnje koje su usmerene protiv SAD-a, i bilo je desetine takvih pretnji gde je to bilo uključeno. Čućete da ljudi javno govore da ne postoji slučaj "osim za", ne postoji slučaj, osim tog, gde bi se pretnja desila. Ali to pokazuje nedostatak razumevanja funkcionisanja istrage o teroristima. Na televiziji gledate misteriozno ubistvo. Odakle počinjete? Počinjete sa telom, pa se odatle rešava slučaj. A mi počinjemo mnogo pre toga, nadam se pre nego što se tela pojave i pokušavamo da izgradimo slučaj o tim ljudima, šta pokušavaju da urade, a to uključuje ogromne količine informacija. Mislite o tome kao o mozaiku, teško je reći da je bilo koji deo mozaika neophodan za njegovu izradu, ali da biste napravili celovitu sliku, potrebni su vam svi delovi informacije. Za ostale pretnje od onih 54, koje se ne odnose na SAD, za one 42, program PRIZMA je bio izuzetno važan, presudan u doprinosu zaustavljanja tih napada.
CA: Snowden said two days ago that terrorism has always been what is called in the intelligence world "a cover for action," that it's something that, because it invokes such a powerful emotional response in people, it allows the initiation of these programs to achieve powers that an organization like yours couldn't otherwise have. Is there any internal debate about that?
KA: Snouden je pre dva dana rekao da je terorizam oduvek, kako se u obaveštajnom svetu naziva, "paravan za akciju", nešto što, zbog toga što kod ljudi izaziva tako snažnu emocionalnu reakciju, dozvoljava osnivanje ovih programa kako bi se postigle moći koje organizacija kao što je vaša drugačije ne bi mogla da ima. Postoji li neka interna debata u vezi s tim?
RL: Yeah. I mean, we debate these things all the time, and there is discussion that goes on in the executive branch and within NSA itself and the intelligence community about what's right, what's proportionate, what's the correct thing to do. And it's important to note that the programs that we're talking about were all authorized by two different presidents, two different political parties, by Congress twice, and by federal judges 16 different times, and so this is not NSA running off and doing its own thing. This is a legitimate activity of the United States foreign government that was agreed to by all the branches of the United States government, and President Madison would have been proud.
RL: Da. Mislim, o tome razgovaramo stalno, rasprava se odvija u izvršnoj grani i u samoj NSA, kao i u obaveštajnoj zajendici, o tome šta je ispravno, odgovarajuće, šta je dobro uraditi. Važno je naglasiti da su programe o kojima govorimo odobrila dva različita predsednika, dve različite političke partije, dva puta Kongres, i 16 puta savezne sudije, dakle nije se NSA otkačila i radi nešto na svoju ruku. Ovo je legitimna aktivnost inostrane politike SAD-a u vezi s kojom su se složile sve grane vlade Sjedinjenih Američkih Država, i predsednik Medison bi bio ponosan.
CA: And yet, when congressmen discovered what was actually being done with that authorization, many of them were completely shocked. Or do you think that is not a legitimate reaction, that it's only because it's now come out publicly, that they really knew exactly what you were doing with the powers they had granted you?
KA: Ipak, kad su ljudi u Kongresu oktrili šta se zaista radi sa tim ovlašćenjima, mnogi su bili potpuno šokirani. Ili mislite da to nije odgovarajuća reakcija, nego je takva samo zbog toga što je sve obelodanjeno, da su oni u stvari tačno znali šta vi radite sa ovlašćenjima koja su vam dali?
RL: Congress is a big body. There's 535 of them, and they change out frequently, in the case of the House, every two years, and I think that the NSA provided all the relevant information to our oversight committees, and then the dissemination of that information by the oversight committees throughout Congress is something that they manage. I think I would say that Congress members had the opportunity to make themselves aware, and in fact a significant number of them, the ones who are assigned oversight responsibility, did have the ability to do that. And you've actually had the chairs of those committees say that in public. CA: Now, you mentioned the threat of cyberattacks, and I don't think anyone in this room would disagree that that is a huge concern, but do you accept that there's a tradeoff between offensive and defensive strategies, and that it's possible that the very measures taken to, "weaken encryption," and allow yourself to find the bad guys, might also open the door to forms of cyberattack?
RL: Kongres je veliko telo. Ima ih 535, i često se menjaju, u slučaju Predstavničkog doma, na svake dve godine, i mislim da je NSA obezbedila sve bitne informacije našim nadzornim komitetima, a raspodelom tih informacija unutar Kongresa rukovode nadzorni komiteti. Rekao bih da su članovi Kongresa imali šansu da se upoznaju s tim, i zapravo značajan broj njih, onih koji imaju odgovornost nadzora, imao je sposobnost za to. I predsedavajući tih komiteta su to javno i rekli. KA: Pomenuli ste opasnost od sajber napada, mislim da se svi slažu da je to velika briga, ali da li prihvatate postojanje kompromisa između strategija napada i odbrane, i da je moguće da su mere koje su preduzete da "oslabe enkripciju" kako bi se pronašli loši momci, takođe otvorile vrata raznim oblicima sajber napada?
RL: So I think two things. One is, you said weaken encryption. I didn't. And the other one is that the NSA has both of those missions, and we are heavily biased towards defense, and, actually, the vulnerabilities that we find in the overwhelming majority of cases, we disclose to the people who are responsible for manufacturing or developing those products. We have a great track record of that, and we're actually working on a proposal right now to be transparent and to publish transparency reports in the same way that the Internet companies are being allowed to publish transparency reports for them. We want to be more transparent about that. So again, we eat our own dog food. We use the standards, we use the products that we recommend, and so it's in our interest to keep our communications protected in the same way that other people's need to be.
RL: Mislim dve stvari. Prvo, rekli ste da se oslabi enkripcija. Ja nisam. Drugo, NSA ima obe te misije, i naročito naginjemo odbrani, i zapravo osetljivosti koje nalazimo u velikoj većini slučajeva, mi obelodanimo onima koji su odgovorni za proizvodnju i razvoj tih proizvoda. Imamo dosta uspeha u tome, i trenutno radimo na predlogu transparentnosti i objavljivanja izveštaja na isti način na koji je internet kompanijama dozvoljeno da objavljuju svoje izveštaje o transparentnosti. Želimo da budemo transparentniji u vezi s tim. Dakle, opet, mi koristimo svoje proizvode. Koristimo standarde, proizvode koje preporučujemo i u našem je interesu da su naše komunikacije zaštićene na isti način kao i komunikacije drugih.
CA: Edward Snowden, when, after his talk, was wandering the halls here in the bot, and I heard him say to a couple of people, they asked him about what he thought of the NSA overall, and he was very complimentary about the people who work with you, said that it's a really impassioned group of employees who are seeking to do the right thing, and that the problems have come from just some badly conceived policies. He came over certainly very reasonably and calmly. He didn't come over like a crazy man. Would you accept that at least, even if you disagree with how he did it, that he has opened a debate that matters?
KA: Kada je Edvard Snouden, posle svog govora šetao hodnicima ovde, putem robota, čuo sam da su ga neki upitali šta misli o NSA generalno, a on je veoma pohvalio ljude koji rade s vama, rekao da je to nadahnuta grupa radnika koji žele da urade pravu stvar, a da su problemi nastali od loše uobličenih pravila. Ostavio je utisak veoma razumnog i mirnog čoveka. Nije delovao kao ludak. Da li biste prihvatili, čak iako se ne slažete sa njegovim načinom, da je pokrenuo važnu debatu?
RL: So I think that the discussion is an important one to have. I do not like the way that he did it. I think there were a number of other ways that he could have done that that would have not endangered our people and the people of other nations through losing visibility into what our adversaries are doing. But I do think it's an important conversation.
RL: Pa mislim da je to jedna važna diskusija. Ne dopada mi se način na koji je to uradio. Mislim da je bilo mnogo drugih načina na koje je mogao da to uradi, koji ne bi ugrozili naše ljude i ljude drugih nacija kroz gubljenje uvida u to šta rade naši protivnici. Ali mislim da je ovo važna rasprava.
CA: It's been reported that there's almost a difference of opinion with you and your colleagues over any scenario in which he might be offered an amnesty deal. I think your boss, General Keith Alexander, has said that that would be a terrible example for others; you can't negotiate with someone who's broken the law in that way. But you've been quoted as saying that, if Snowden could prove that he was surrendering all undisclosed documents, that a deal maybe should be considered. Do you still think that?
KA: Priča se da postoje skoro različita mišljenja između vas i vaših kolega u vezi sa situacijom u kojoj bi mu mogla biti ponuđena amnestija. Mislim da je vaš šef, general Kit Aleksander, rekao da bi to bio užasan primer za druge; ne možete pregovarati sa nekim ko je na taj način prekršio zakon. Ali vi ste navodno rekli da, ako Snouden može da dokaže da je predao sve neobjavljenje dokumente, da bi se razmislilo o nagodbi. Da li i dalje tako mislite?
RL: Yeah, so actually, this is my favorite thing about that "60 Minutes" interview was all the misquotes that came from that. What I actually said, in response to a question about, would you entertain any discussions of mitigating action against Snowden, I said, yeah, it's worth a conversation. This is something that the attorney general of the United States and the president also actually have both talked about this, and I defer to the attorney general, because this is his lane. But there is a strong tradition in American jurisprudence of having discussions with people who have been charged with crimes in order to, if it benefits the government, to get something out of that, that there's always room for that kind of discussion. So I'm not presupposing any outcome, but there is always room for discussion.
RL: Da, pa zapravo, moja omiljena stvar u vezi sa emisijom "60 minuta" je koliko sam pogrešno citiran. Na pitanje o tome da li bih diskutovao o manjoj kazni za Snoudena, rekao sam da, vredno je razgovora. To je nešto o čemu su državni tužilac i predsednik Sjedninjenih Država već razgovarali, a pominjem državnog tužioca jer je to njegova oblast. Ali u američkom pravu postoji jaka tradicija razgovora sa ljudima koji su optuženi za zločine, kako bi, ako to vladi odgovara, moglo nešto da se izvuče iz toga, dakle uvek ima mesta za takvu diskusiju. Ne predviđam nikakav ishod, ali uvek ima mesta za diskusiju.
CA: To a lay person it seems like he has certain things to offer the U.S., the government, you, others, in terms of putting things right and helping figure out a smarter policy, a smarter way forward for the future. Do you see, has that kind of possibility been entertained at all? RL: So that's out of my lane. That's not an NSA thing. That would be a Department of Justice sort of discussion. I'll defer to them.
KA: Laiku izgleda kao da on ima nešto da ponudi SAD-u, vladi, vama, drugima, kako bi ispravio stvari i pomogao u osmišljavanju pametnije politike, pametnijeg puta u budućnost. Da li je takva mogućnost uopšte razmatrana? RL: Pa, to nije moj posao. To nije posao za NSA. To bi bilo za Ministarstvo pravde, njihova diskusija. Obratio bih se njima.
CA: Rick, when Ed Snowden ended his talk, I offered him the chance to share an idea worth spreading. What would be your idea worth spreading for this group?
KA: Rik, kada je Ed Snouden završio svoj govor ponudio sam mu da predstavi neku ideju vrednu širenja. Koja je vaša ideja vredna deljenja sa ovom publikom?
RL: So I think, learn the facts. This is a really important conversation, and it impacts, it's not just NSA, it's not just the government, it's you, it's the Internet companies. The issue of privacy and personal data is much bigger than just the government, and so learn the facts. Don't rely on headlines, don't rely on sound bites, don't rely on one-sided conversations. So that's the idea, I think, worth spreading. We have a sign, a badge tab, we wear badges at work with lanyards, and if I could make a plug, my badge lanyard at work says, "Dallas Cowboys." Go Dallas. I've just alienated half the audience, I know. So the lanyard that our people who work in the organization that does our crypto-analytic work have a tab that says, "Look at the data." So that's the idea worth spreading. Look at the data.
RL: Dakle, saznajte činjenice. Ovo je veoma važan razgovor i utiče ne samo na NSA, ne samo na vladu, nego i na vas, i na internet kompanije. Problem privatnosti i ličnih podataka je mnogo veći od vlade, dakle saznajte činjenice. Ne oslanjajte se na naslove, na deliće informacija, na jednostrane razgovore. Mislim da je to ideja vredna širenja. Imam značku, na poslu nosimo značke na vrpci, i ako mogu da kažem, na mojoj vrpci piše "Kauboji Dalasa". Napred Dalas. Znam da sam sad udaljio polovinu publike. Vrpca koju nose naši ljudi koji rade u organizaciji koja se bavi kripto-analizom, kaže: "Gledajte podatke". To je ideja vredna širenja. Gledajte podatke.
CA: Rick, it took a certain amount of courage, I think, actually, to come and speak openly to this group. It's not something the NSA has done a lot of in the past, and plus the technology has been challenging. We truly appreciate you doing that and sharing in this very important conversation. Thank you so much.
KA: Rik, bilo je potrebno hrabrosti da dođete i otvoreno govorite pred ovom publikom. Tako nešto NSA nije ranije radila, a i tehnološki je bilo izazovno. Zaista cenimo što ste bili i učestvovali u ovom veoma važnom razgovoru. Mnogo vam hvala.
RL: Thanks, Chris.
RL: Hvala, Kris.
(Applause)
(Aplauz)