Chris Anderson: We had Edward Snowden here a couple days ago, and this is response time. And several of you have written to me with questions to ask our guest here from the NSA. So Richard Ledgett is the 15th deputy director of the National Security Agency, and he's a senior civilian officer there, acts as its chief operating officer, guiding strategies, setting internal policies, and serving as the principal advisor to the director. And all being well, welcome, Rick Ledgett, to TED. (Applause)
克里斯:愛德華斯諾登幾天前 來到了這裏, 現在是回應時間。 你們當中的有些人寫信給我 提問我們來自美國國家安全局的嘉賓。 查德·雷德傑德是美國國家安全局的 第15位副主任 並且他是那兒的高級文職人員, 擔任首席營運官, 負責戰略指導和內部制度建設, 並且擔任主任的主要顧問。 就說這麼多, 有請查德·雷德傑德來到 TED。 (鼓掌)
Richard Ledgett: I'm really thankful for the opportunity to talk to folks here. I look forward to the conversation, so thanks for arranging for that.
查德·雷德傑德:我感到非常榮幸 能有機會給這裏的觀衆演講。 我很期待這次談話, 非常感謝給我安排了這些。
CA: Thank you, Rick. We appreciate you joining us. It's certainly quite a strong statement that the NSA is willing to reach out and show a more open face here. You saw, I think, the talk and interview that Edward Snowden gave here a couple days ago. What did you make of it? RL: So I think it was interesting. We didn't realize that he was going to show up there, so kudos to you guys for arranging a nice surprise like that. I think that, like a lot of the things that have come out since Mr. Snowden started disclosing classified information, there were some kernels of truth in there, but a lot of extrapolations and half-truths in there, and I'm interested in helping to address those. I think this is a really important conversation that we're having in the United States and internationally, and I think it is important and of import, and so given that, we need to have that be a fact-based conversation, and we want to help make that happen.
克里斯:謝謝你,理查。 我們感謝你的到來。 這是一個鄭重的聲明 說美國安全局試圖與外界溝通, 並表現出更開放的一面。 你看過的,我認為, 前幾天在這兒 斯諾登做的演講及採訪。 你是怎麼想的? 理查德:我認為很有意思。 我們沒有意識到他會出現在這兒, 所以恭喜你們在這件事上做得很好, 給了我們一個驚喜。 我認為,像發生的很多事情一樣, 在斯諾登先生 開始披露機密信息以後, 這裡面有部份核心的事實, 但是也有推斷和半真半假的內容。 我很樂意解釋這些問題。 我認為這是一次非常重要的對話 在我們美國 和全世界。 我亦認為這點很重要並且有重要性, 這麼說,我們需要將它作為 一次基於事實的談話, 並且我們希望協助對話的實現。
CA: So the question that a lot of people have here is, what do you make of Snowden's motivations for doing what he did, and did he have an alternative way that he could have gone?
克里斯:所以很多人的問題是, 你認為斯諾登的動機是是什麼 讓他做了那些事情, 並且他有什麼其他選擇嗎?
RL: He absolutely did have alternative ways that he could have gone, and I actually think that characterizing him as a whistleblower actually hurts legitimate whistleblowing activities. So what if somebody who works in the NSA -- and there are over 35,000 people who do. They're all great citizens. They're just like your husbands, fathers, sisters, brothers, neighbors, nephews, friends and relatives, all of whom are interested in doing the right thing for their country and for our allies internationally, and so there are a variety of venues to address if folks have a concern. First off, there's their supervisor, and up through the supervisory chain within their organization. If folks aren't comfortable with that, there are a number of inspectors general. In the case of Mr. Snowden, he had the option of the NSA inspector general, the Navy inspector general, the Pacific Command inspector general, the Department of Defense inspector general, and the intelligence community inspector general, any of whom would have both kept his concerns in classified channels and been happy to address them. (CA and RL speaking at once) He had the option to go to congressional committees, and there are mechanisms to do that that are in place, and so he didn't do any of those things.
理查德:他的的確確 有其他的選擇, 而且我認為把他歸類為 一個告密者 會阻礙了合法舉報的行為。 所以說如果一些在美國安全局工作的人 那裡有超過 35000 個人。 他們全部是優秀的公民。 他們就像是你的丈夫,父親,姐妹, 兄弟,鄰居,侄子,朋友和親戚, 他們全都對做正確的事情感興趣 為他們的國家, 也為我們國際上的同盟國。 所以有很多問題需要強調 如果大家有疑慮的話。 首先,是他們的管理者, 以及在他們的機構內部 處在管理鏈上方的人。 如果他們不喜歡這樣的安排, 美國聯網政府體系下有很多監察長。 像斯諾登這種情況,他有選擇 可以告訴美國安全局監察長, 海軍監察長, 太平洋司令部監察長, 國防部監察長, 情報局監察長, 任何人都是可以把他的擔憂列入內部系統 並且樂意處理的人。 (理查德和安德森同時說話) 他可以選擇去找國會議員, 那裡有處理這些的方法, 然而他並沒有選擇以上任何方法。
CA: Now, you had said that Ed Snowden had other avenues for raising his concerns. The comeback on that is a couple of things: one, that he certainly believes that as a contractor, the avenues that would have been available to him as an employee weren't available, two, there's a track record of other whistleblowers, like [Thomas Andrews Drake] being treated pretty harshly, by some views, and thirdly, what he was taking on was not one specific flaw that he'd discovered, but programs that had been approved by all three branches of government. I mean, in that circumstance, couldn't you argue that what he did was reasonable?
安德森:剛剛,你說到 斯諾登有其他的渠道 可以提出他的擔憂。 但是另一方面: 第一,他完全相信作為承包商, 職員有的選擇他并不擁有, 第二,有其他舉報者的記錄, 像托馬斯·安德魯斯·德雷克 (美國國家安全局前高級官員) 是如何被嚴酷對待的 從某些角度看, 第三,他做的事情 不是針對一個他發現的缺陷, 而是針對被整個三權分立的政府機構 所認可的系統。 我認為,在那種情況下, 你難道能說他所做的事 是不理性的?
RL: No, I don't agree with that. I think that the — sorry, I'm getting feedback through the microphone there — the actions that he took were inappropriate because of the fact that he put people's lives at risk, basically, in the long run, and I know there's been a lot of talk in public by Mr. Snowden and some of the journalists that say that the things that have been disclosed have not put national security and people at risk, and that is categorically not true. They actually do. I think there's also an amazing arrogance to the idea that he knows better than the framers of the Constitution in how the government should be designed and work for separation of powers and the fact that the executive and the legislative branch have to work together and they have checks and balances on each other, and then the judicial branch, which oversees the entire process. I think that's extremely arrogant on his part.
理查德:不,我不認同。 我認為他—— 不好意思,我一直聽到回音 通過麥克—— 他的做法是不合適的 因為他把人們的生命置於危險之中, 本質上,從長遠上看, 而且我知道有很多公眾演講中 由斯諾登和一些記者 說那些被暴露的事情 並沒有影響國家安全和人們的生命安全, 這樣斷然是不正確的。 它們確實影響到了國家和人民的安全。 我認為同樣有一種驚人的傲慢 對這樣一種觀點認為他知道的比 憲法的制定者多 在政府應該如何設計及運作 分工方面 並且事實上執法和立法部門 必須共同合作保持平衡, 而且司法部門, 監督整個過程。 我認為他在這方面是相當自大的。
CA: Can you give a specific example of how he put people's lives at risk?
安德森:你能舉一個具體的例子 他是怎麼把人們的生命置於危險的嗎?
RL: Yeah, sure. So the things that he's disclosed, the capabilities, and the NSA is a capabilities-based organization, so when we have foreign intelligence targets, legitimate things of interest -- like, terrorists is the iconic example, but it includes things like human traffickers, drug traffickers, people who are trying to build advanced weaponry, nuclear weapons, and build delivery systems for those, and nation-states who might be executing aggression against their immediate neighbors, which you may have some visibility into some of that that's going on right now, the capabilities are applied in very discrete and measured and controlled ways. So the unconstrained disclosure of those capabilities means that as adversaries see them and recognize, "Hey, I might be vulnerable to this," they move away from that, and we have seen targets in terrorism, in the nation-state area, in smugglers of various types, and other folks who have, because of the disclosures, moved away from our ability to have insight into what they're doing. The net effect of that is that our people who are overseas in dangerous places, whether they're diplomats or military, and our allies who are in similar situations, are at greater risk because we don't see the threats that are coming their way.
理查德:好的。 他揭露的事情, 功能, 美國安全局是一個基於功能的組織, 當我們有國外情報目標時, 合法的感興趣的目標時—— 像,恐怖主義是個代表例子, 但是也包括像人販子, 毒品販子, 準備製造進階武器,核武器的人們, 和為這些武器建立運輸系統的人們, 和那些準備侵略近鄰的國家, 你可能以預測到 哪些正在進行中, 這些功能被應用 在一種非常離散、可測量及可控制的方式。 所以不受約束地披露這些功能 意味著敵人看到 並意識到「哈,我可能會受影響,」 從而不這麼做, 因而我們看見恐怖目標, 在全國範圍, 在各種各樣的走私者中,和其他人 因為這個揭露者 而離開了我們能控制的範圍 及我們的監控。 這樣整體的影響是我們的人民 在海外危險的地方的人民, 不論他們是從事外交還是軍事, 或是和我們情況一樣的盟國 都處在極危險的狀態中因為我們看不見 這些即將到臨的危險。
CA: So that's a general response saying that because of his revelations, access that you had to certain types of information has been shut down, has been closed down. But the concern is that the nature of that access was not necessarily legitimate in the first place. I mean, describe to us this Bullrun program where it's alleged that the NSA specifically weakened security in order to get the type of access that you've spoken of.
克里斯:這裡有一種反應說是 因為他的揭露, 能夠獲得信息的渠道 就被關閉了。 但是現在的問題是本質上這種獲得 信息的渠道一開始就不是合法的。 我的意思是,描述一下這種奔牛系統 美國安全局斷言的 削弱了安全 為了得到一些你說的獲得信息的渠道。
RL: So there are, when our legitimate foreign intelligence targets of the type that I described before, use the global telecommunications system as their communications methodology, and they do, because it's a great system, it's the most complex system ever devised by man, and it is a wonder, and lots of folks in the room there are responsible for the creation and enhancement of that, and it's just a wonderful thing. But it's also used by people who are working against us and our allies. And so if I'm going to pursue them, I need to have the capability to go after them, and again, the controls are in how I apply that capability, not that I have the capability itself. Otherwise, if we could make it so that all the bad guys used one corner of the Internet, we could have a domain, badguy.com. That would be awesome, and we could just concentrate all our efforts there. That's not how it works. They're trying to hide from the government's ability to isolate and interdict their actions, and so we have to swim in that same space. But I will tell you this. So NSA has two missions. One is the Signals Intelligence mission that we've unfortunately read so much about in the press. The other one is the Information Assurance mission, which is to protect the national security systems of the United States, and by that, that's things like the communications that the president uses, the communications that control our nuclear weapons, the communications that our military uses around the world, and the communications that we use with our allies, and that some of our allies themselves use. And so we make recommendations on standards to use, and we use those same standards, and so we are invested in making sure that those communications are secure for their intended purposes.
理查德:所以有,當我們 合法的情報目標如我前面描述的, 用全球通訊系統 作為他們通訐方式, 他們會這麼做的, 因為這是一個很好的系統, 這是人類設計的最複雜的系統, 而且是個奇跡, 有很多人呆在房間裡 負責創造 和增強它, 它是一個奇妙的東西。 但是,它也同樣被人們 利用來對付我們和我們的同盟。 所以如果我要追究他們, 我需要一種 跟蹤他們的能力, 同樣,這種控制在於 我是如何運用我的能力, 而不是在於我擁有能力的本身。 否則,如果我們可以這麼做 所有的壞人都在網絡的一角, 我們可以有一個域名,badguy.com 這樣多棒的, 這樣我們可以集中我們的力量在那裡。 現實不是這個樣子的。 壞人努力想要隱藏在 政府隔離阻斷他們行為的 能力之外, 因此我們也不得不 和他們處於同一個空間。 但是我要告訴你這一點。 美國安全局有兩個任務。 第一是通知情報安全局 這點不幸地我們已經 通過媒體了解了很多。 另一個任務是信息安全保障, 旨在保護美國的國家安全系統, 通過這,像 總統用的通信, 控制核武器的通信, 全世界我們軍隊用的通信, 和我們與盟國直接的通信, 還有我們盟國自己用的。 所以我們就使用標準提出意見, 我們用同樣的標準, 所以我們投資在 確保這些通信 的功能是安全及可靠的。
CA: But it sounds like what you're saying is that when it comes to the Internet at large, any strategy is fair game if it improves America's safety. And I think this is partly where there is such a divide of opinion, that there's a lot of people in this room and around the world who think very differently about the Internet. They think of it as a momentous invention of humanity, kind of on a par with the Gutenberg press, for example. It's the bringer of knowledge to all. It's the connector of all. And it's viewed in those sort of idealistic terms. And from that lens, what the NSA has done is equivalent to the authorities back in Germany inserting some device into every printing press that would reveal which books people bought and what they read. Can you understand that from that viewpoint, it feels outrageous?
克里斯:但是這聽起來你是說 當涉及到大如網際網路, 任何策略都是公平的 如果是為了提高美國的安全。 並且我認為這是一部分 就是人們意見分歧的地方, 現場很多的人們 及全世界的人中 並不是這麼看待網際網路。 他們認為網路是一個人類 巨大的發明, 例如與古騰堡看齊的那種, 它是知識的所有使者。 是一切的連接。 它是被這些理想的詞彙描述。 從這些視角, 美國安全局做的相當於 和德國當局以前 在所有的印刷社安裝設備, 可以洩露人們買哪些書 和讀哪些書。 你可以從這個立場理解 這是多麼的蠻橫和不像話嗎?
RL: I do understand that, and I actually share the view of the utility of the Internet, and I would argue it's bigger than the Internet. It is a global telecommunications system. The Internet is a big chunk of that, but there is a lot more. And I think that people have legitimate concerns about the balance between transparency and secrecy. That's sort of been couched as a balance between privacy and national security. I don't think that's the right framing. I think it really is transparency and secrecy. And so that's the national and international conversation that we're having, and we want to participate in that, and want people to participate in it in an informed way. So there are things, let me talk there a little bit more, there are things that we need to be transparent about: our authorities, our processes, our oversight, who we are. We, NSA, have not done a good job of that, and I think that's part of the reason that this has been so revelational and so sensational in the media. Nobody knew who we were. We were the No Such Agency, the Never Say Anything. There's takeoffs of our logo of an eagle with headphones on around it. And so that's the public characterization. And so we need to be more transparent about those things. What we don't need to be transparent about, because it's bad for the U.S., it's bad for all those other countries that we work with and that we help provide information that helps them secure themselves and their people, it's bad to expose operations and capabilities in a way that allows the people that we're all working against, the generally recognized bad guys, to counter those.
理查德:我明白這一點,事實上 我也是這麼看待網路的使用, 並且我會爭辯說它比網路還要大。 它是一個全球通訊系統。 網際網路只是其中的一大部份, 但是還有其他很多的東西。 我認為人們有合法的關注 對於透明度和機密的平衡。 這樣一個橫臥在 隱私和國家安全的平衡。 我不認為這是正確的。 我認為這是有關透明度和隱私。 所以我們現在這是國家和世界的對話, 我們想要參與其中,並且想要 人們以一種知情的方式參與其中。 所以有些事情, 讓我對此加以闡述, 有些事情我們需要保持透明度: 我們的主管部門,我們的過程, 我們的疏忽,我們是誰。 我們,國家安全局,對於這點並沒有做到很好, 所以我認為這是一部分原因 這樣被披露 容易被煽情在媒體中。 沒有人知道我們是誰。 我們是不存在的,是從不說任何事。 在我們的標誌中有種權衡 一隻老鷹和它頭上的耳機。 所以這是公眾特徵。 而且我們需要對這些事情更加透明。 而我們不需要透明的事情, 一些會對美國不利, 對其他我與們合作的國家不利, 並且我們提供資訊 去幫助他們確保自己的安全 和他們人民的安全, 暴露這些行動和能力是糟糕的 對於我們的敵人來說, 那些普遍認為的壞人, 需要對付的那些人。
CA: But isn't it also bad to deal a kind of body blow to the American companies that have essentially given the world most of the Internet services that matter? RL: It is. It's really the companies are in a tough position, as are we, because the companies, we compel them to provide information, just like every other nation in the world does. Every industrialized nation in the world has a lawful intercept program where they are requiring companies to provide them with information that they need for their security, and the companies that are involved have complied with those programs in the same way that they have to do when they're operating in Russia or the U.K. or China or India or France, any country that you choose to name. And so the fact that these revelations have been broadly characterized as "you can't trust company A because your privacy is suspect with them" is actually only accurate in the sense that it's accurate with every other company in the world that deals with any of those countries in the world. And so it's being picked up by people as a marketing advantage, and it's being marketed that way by several countries, including some of our allied countries, where they are saying, "Hey, you can't trust the U.S., but you can trust our telecom company, because we're safe." And they're actually using that to counter the very large technological edge that U.S. companies have in areas like the cloud and Internet-based technologies.
克里斯:但是這不也是糟糕的 去對付打擊了那些美國公司 幾乎為整個世界 提供網絡服務的公司? 理查德:是的。這些公司事實上 處在艱難的位置,和我們一樣, 因為這些公司, 我們強迫他們提供信息, 和世界上其他國家一樣。 世界上任何一個工業化的國家 都有一個合法攔截程序 它們要求公司 提供他們信息 為了保證安全, 而且這些參與的公司 遵守這些程序 以一種不得已的方式 如果他們在俄國或者英國運營, 或者中國,印度,法國, 任何一個你說得出的國家。 所以事實上這些啟示 被定性為 「你不能相信公司A因為 你的隱私對於他們來說是犯罪嫌疑人」 事實上只有準確的意義 和其他世界上的 要和世界上的這些國家打交道的公司。 所以這點被人們指出 作為市場營銷優勢, 而且在幾個國家被這樣標記, 包括我們的同盟國, 那裡的人們說, 「嗨,你不能相信美國, 但是你可以相信我們的通信公司, 因為我們是安全的。」 事實上它們使用反擊 非常大的邊緣技術 那些美國公司所擁有的 在雲計算和基於網路的領域。
CA: You're sitting there with the American flag, and the American Constitution guarantees freedom from unreasonable search and seizure. How do you characterize the American citizen's right to privacy? Is there such a right?
克里斯:你和一面美國國旗坐在一起, 而且美國憲法確保 不受不合理的搜查和逮捕的自由權利。 你如何定性 美國公民的隱私權? 有這樣的權利嗎?
RL: Yeah, of course there is. And we devote an inordinate amount of time and pressure, inordinate and appropriate, actually I should say, amount of time and effort in order to ensure that we protect that privacy. and beyond that, the privacy of citizens around the world, it's not just Americans. Several things come into play here. First, we're all in the same network. My communications, I'm a user of a particular Internet email service that is the number one email service of choice by terrorists around the world, number one. So I'm there right beside them in email space in the Internet. And so we need to be able to pick that apart and find the information that's relevant. In doing so, we're going to necessarily encounter Americans and innocent foreign citizens who are just going about their business, and so we have procedures in place that shreds that out, that says, when you find that, not if you find it, when you find it, because you're certain to find it, here's how you protect that. These are called minimization procedures. They're approved by the attorney general and constitutionally based. And so we protect those. And then, for people, citizens of the world who are going about their lawful business on a day-to-day basis, the president on his January 17 speech, laid out some additional protections that we are providing to them. So I think absolutely, folks do have a right to privacy, and that we work very hard to make sure that that right to privacy is protected.
理查德:是,當然有。 並且我們投入過多的時間和壓力, 過多的而且合適的,事實上我應該這樣說, (我們投入了)大量的時間和精力為了確保 我們保護隱私。 除此之外,也保護 在世界範圍內,不光是美國人的公民隱私。 有幾件事情發揮著作用。 第一,我們處在同一個網絡。 我的通信, 我是一特定的網路郵件服務的其中一個用戶 這服務也是 世界上恐怖主義使用郵件服務的首選。 所以在網路的郵件空間里, 我就在他們旁邊。 所以我們需要能夠挑出那部分 並找到相關的信息。 這樣做,我們就一定會遇到 美國人和無辜的外國人 那些只在忙自己分內事的人。 因此,我們有操作程序 將這部份信息(恐怖分子)分離出來, 也就是說,當你發現這個信息的時候, 不是如果你發現,而是 當你發現,因為你一定會發現, 你將如何保護這個信息。 這些被稱作最小化程序。 他們由總監察長批准 并依據憲法。 所以我們保護這些操作程序。 然後,我們再保護人民,世界各國的公民 那些做著合法生意 日常工作的人。 總統在1月17日的演講中, 提出額外的我們將提供的 保護措施。 所以我絕對認為, 人們有隱私權, 而且我們非常努力確保 隱私權被保護。
CA: What about foreigners using American companies' Internet services? Do they have any privacy rights?
克里斯:那麼對於 使用美國公司網路服務的外國人來說呢? 他們有隱私權嗎?
RL: They do. They do, in the sense of, the only way that we are able to compel one of those companies to provide us information is when it falls into one of three categories: We can identify that this particular person, identified by a selector of some kind, is associated with counterterrorist or proliferation or other foreign intelligence target.
理查德:他們有,他們有的,在某種意義上, 我們唯一能強迫 這些公司的其中一員提供給我們信息的 只有這三種情況: 我們可以辨別由某種選擇器鑒定出的 這個特定的人 與反恐有關, 或者與擴散外國情報目標有關。
CA: Much has been made of the fact that a lot of the information that you've obtained through these programs is essentially metadata. It's not necessarily the actual words that someone has written in an email or given on a phone call. It's who they wrote to and when, and so forth. But it's been argued, and someone here in the audience has talked to a former NSA analyst who said metadata is actually much more invasive than the core data, because in the core data you present yourself as you want to be presented. With metadata, who knows what the conclusions are that are drawn? Is there anything to that?
克里斯:大多數事實表明, 大部分你通過這些計劃 獲得的信息是元數據。 不見得是某人寫在郵件中 的實際文字 或者電話會話中的實際文字。 是那些收件的人、時間等等。 但是這有爭議, 現場有觀眾和 以前的國家安全局分析師聊過 元數據實際上更具有侵略性 和核心數據比起來, 因為在核心數據中 你把自己想展示出來的一面展示出來。 有了元數據,誰知道那些結論 是怎麼得到的? 有什麼說法嗎?
RL: I don't really understand that argument. I think that metadata's important for a couple of reasons. Metadata is the information that lets you find connections that people are trying to hide. So when a terrorist is corresponding with somebody else who's not known to us but is engaged in doing or supporting terrorist activity, or someone who's violating international sanctions by providing nuclear weapons-related material to a country like Iran or North Korea, is trying to hide that activity because it's illicit activity. What metadata lets you do is connect that. The alternative to that is one that's much less efficient and much more invasive of privacy, which is gigantic amounts of content collection. So metadata, in that sense, actually is privacy-enhancing. And we don't, contrary to some of the stuff that's been printed, we don't sit there and grind out metadata profiles of average people. If you're not connected to one of those valid intelligence targets, you are not of interest to us.
理查德:我實際上不明白那點爭議。 我認為元數據很重要有幾點原因。 元數據是信息,它讓你 找到那些人們想隱藏起來的關係。 所以當一個恐怖分子回應了 一些我們不認識的人, 但卻從事或支持恐怖活動的人, 或者某些通過提供核武器相關材料 給像伊朗和北韓等國家的 違反國際制裁的人, 正想方設法隱藏這些非法活動。 元數據讓你把這些聯繫起來。 另一種選擇 是一種效率低得多 而且更侵略隱私的方式, 那就是極大量的內容集合。 所以元數據,在某種意義上, 其實增強了隱私。 而且我們不…… 和刊登的消息相反, 我們不坐在那挑出 一般人的元數據資料。 如果你不和 那些有效的情報目標聯繫, 我們對你不感興趣。
CA: So in terms of the threats that face America overall, where would you place terrorism?
克里斯:從美國面臨 的整體威脅來講, 你把恐怖主義排在哪裡?
RL: I think terrorism is still number one. I think that we have never been in a time where there are more places where things are going badly and forming the petri dish in which terrorists take advantage of the lack of governance. An old boss of mine, Tom Fargo, Admiral Fargo, used to describe it as arcs of instability. And so you have a lot of those arcs of instability in the world right now, in places like Syria, where there's a civil war going on and you have massive numbers, thousands and thousands of foreign fighters who are coming into Syria to learn how to be terrorists and practice that activity, and lots of those people are Westerners who hold passports to European countries or in some cases the United States, and so they are basically learning how to do jihad and have expressed intent to go out and do that later on in their home countries. You've got places like Iraq, which is suffering from a high level of sectarian violence, again a breeding ground for terrorism. And you have the activity in the Horn of Africa and the Sahel area of Africa. Again, lots of weak governance which forms a breeding ground for terrorist activity. So I think it's very serious. I think it's number one. I think number two is cyber threat. I think cyber is a threat in three ways: One way, and probably the most common way that people have heard about it, is due to the theft of intellectual property, so basically, foreign countries going in, stealing companies' secrets, and then providing that information to state-owned enterprises or companies connected to the government to help them leapfrog technology or to gain business intelligence that's then used to win contracts overseas. That is a hugely costly set of activities that's going on right now. Several nation-states are doing it. Second is the denial-of-service attacks. You're probably aware that there have been a spate of those directed against the U.S. financial sector since 2012. Again, that's a nation-state who is executing those attacks, and they're doing that as a semi-anonymous way of reprisal. And the last one is destructive attacks, and those are the ones that concern me the most. Those are on the rise. You have the attack against Saudi Aramco in 2012, August of 2012. It took down about 35,000 of their computers with a Wiper-style virus. You had a follow-on a week later to a Qatari company. You had March of 2013, you had a South Korean attack that was attributed in the press to North Korea that took out thousands of computers. Those are on the rise, and we see people expressing interest in those capabilities and a desire to employ them.
理查德:我認為恐怖主義仍然是第一。 我認為我們從來沒有處在這樣的時代 有更多的地方 發生了糟糕的事情 並且像培養皿一樣。在那裏恐怖主義 利用政府的治理欠缺興風作浪。 我以前的一個上司,Tom Fargo,海軍上將 Fargo, 曾經形容它是不穩定弧。 所以你現在有很多這些 不穩定弧在世界上, 像在敘利亞,那裏有一場內戰 你有大量的人, 成千上萬的外國戰士 來到敘利亞, 去學習如何成爲恐怖主義者 並且練習這項活動, 並且這些人裡的很多人是西方人, 有著歐洲國家護照, 有些人或有美國護照, 所以他們本質上是在學習如何 討伐異教徒並表達了意向 表示他們走出去以後 也會在他們的祖國這麼做。 現在有伊拉克, 現在正承受着宗派暴力, 同樣,它也是恐怖主義滋生的溫床。 同樣在非洲之角有這樣的活動 在非洲薩赫勒地區也有。 同樣,許多由於治理薄弱 而形成的恐怖活動的溫床。 所以我認爲這是非常嚴重的。 我認爲是第一位的。 我認爲第二是網路威脅。 我認爲網絡有三方面威脅: 第一,而且可能是最普遍的形式 人們聽過的, 是由於竊取知識產權, 所以本質上,外國進入, 竊取公司機密, 並且提供這些信息 給國有企業 或者和政府有關的公司, 去幫助他們推進技術進步 或者竊取商業情報 以此來贏得海外合同。 這是一些相當昂貴的正在進行的活動。 有幾個國家正在做。 第二是拒絕服務攻擊。 你可能已經意識到 接連發生的自2012 針對美國金融業的攻擊。 同樣,這是民族國家進行的攻擊, 並且他們這樣做 以此作為一種半匿名的報復方式。 最後一種是破壞性攻擊, 這是我最擔心的一種。 這些正在增加。 有2012年針對沙特阿美公司的, 在 2012 年 8 月, 使 35000 台電腦癱瘓 用一種雨刷式病毒。 一週之後,緊接着 有針對卡塔爾公司的。 2013 年 3 月份, 韓國受到攻擊 根據韓國報刊 成千的電腦癱瘓。 這些正在增加, 並且我們看到人們對這些 能力表示感興趣, 而且渴望採用它們。
CA: Okay, so a couple of things here, because this is really the core of this, almost. I mean, first of all, a lot of people who look at risk and look at the numbers don't understand this belief that terrorism is still the number one threat. Apart from September 11, I think the numbers are that in the last 30 or 40 years about 500 Americans have died from terrorism, mostly from homegrown terrorists. The chance in the last few years of being killed by terrorism is far less than the chance of being killed by lightning. I guess you would say that a single nuclear incident or bioterrorism act or something like that would change those numbers. Would that be the point of view?
克里斯:好,現在有這樣幾件事情, 因爲這是核心,幾乎。 我的意思是,首先, 很多人看風險 看數字 卻並不明白恐怖主義 仍然是頭號威脅這種觀點。 除了 911, 我認爲最近 30-40 年的數字 大概有 500 美國人因恐怖事件喪生, 大多數由於本土形成的恐怖勢力。 最近幾年被恐怖主義 殺死的概率 遠遠比被雷電擊中的概率要小。 我猜你可以說一場核事故 或者生化威脅或者類似的行爲 可以改變這些數字。 是這樣的觀點嗎?
RL: Well, I'd say two things. One is, the reason that there hasn't been a major attack in the United States since 9/11, that is not an accident. That's a lot of hard work that we have done, that other folks in the intelligence community have done, that the military has done, and that our allies around the globe have done. You've heard the numbers about the tip of the iceberg in terms of numbers of terrorist attacks that NSA programs contributed to stopping was 54, 25 of those in Europe, and of those 25, 18 of them occurred in three countries, some of which are our allies, and some of which are beating the heck out of us over the NSA programs, by the way. So that's not an accident that those things happen. That's hard work. That's us finding intelligence on terrorist activities and interdicting them through one way or another, through law enforcement, through cooperative activities with other countries and sometimes through military action. The other thing I would say is that your idea of nuclear or chem-bio-threat is not at all far-fetched and in fact there are a number of groups who have for several years expressed interest and desire in obtaining those capabilities and work towards that.
理查德:好吧,我要說兩件事情。 第一,自 911 以來還沒有一場 大的襲擊的原因是, 那不是偶然。 我們做了很多努力的工作, 其他的人 在情報系統裏的, 在軍隊裏的人, 和我們的世界其他同盟國也做了很多努力。 你聽過有關 美國國家安全局計劃所阻斷的恐怖襲擊 的次數停留在 54, 那只是冰山一角, 其中 25 個在歐洲, 在這 25 個裏, 18 個發生在三個國家, 其中一些是我們的同盟, 另一些是嚴厲打擊我們的國家 尤其是美國國家安全局計劃,順便一提。 所以不是偶然發生。 是因為勤奮的工作。是因為我們發現了 有關恐怖活動的情報 並且以不同的方式禁止, 通過執法, 通過和其他國家的合作, 而且有時候通過軍事活動。 另外一件我要說的事是 你的有關核或者生化威脅的觀點 並不是那麼牽強, 而且事實上有幾個組 多年來表達了興趣 和意願想要得到這些能力 並且實現這些能力。
CA: It's also been said that, of those 54 alleged incidents, that as few as zero of them were actually anything to do with these controversial programs that Mr. Snowden revealed, that it was basically through other forms of intelligence, that you're looking for a needle in a haystack, and the effects of these programs, these controversial programs, is just to add hay to the stack, not to really find the needle. The needle was found by other methods. Isn't there something to that?
克里斯:同樣, 在這 54 起所謂的事故中, 幾乎零個 和那些斯諾登揭發 的有爭議的案子 有任何關係, 那是本質上通過其他形式獲得的情報, 你在海裡撈針, 這些項目的作用, 這些有爭議的項目, 只是給大海增加水滴, 並不是去找到針。 針是通過其他方式找到的。 是不是類似的意思?
RL: No, there's actually two programs that are typically implicated in that discussion. One is the section 215 program, the U.S. telephony metadata program, and the other one is popularly called the PRISM program, and it's actually section 702 of the FISA Amendment Act. But the 215 program is only relevant to threats that are directed against the United States, and there have been a dozen threats where that was implicated. Now what you'll see people say publicly is there is no "but for" case, and so there is no case where, but for that, the threat would have happened. But that actually indicates a lack of understanding of how terrorist investigations actually work. You think about on television, you watch a murder mystery. What do you start with? You start with a body, and then they work their way from there to solve the crime. We're actually starting well before that, hopefully before there are any bodies, and we're trying to build the case for who the people are, what they're trying to do, and that involves massive amounts of information. Think of it is as mosaic, and it's hard to say that any one piece of a mosaic was necessary to building the mosaic, but to build the complete picture, you need to have all the pieces of information. On the other, the non-U.S.-related threats out of those 54, the other 42 of them, the PRISM program was hugely relevant to that, and in fact was material in contributing to stopping those attacks.
理查德:不,其實有兩個項目 通常在那個討論中涉及到。 一個是 215 項目, 美國電話元數據項目, 另一個是 流行的叫法是棱鏡項目, 實際上是外國情報監視法修正案 702 條。 但是 215 項目 只和那些 針對美國的威脅有關, 有一些威脅 是有牽連的。 現在你看到人們公開說 並沒有一個「如果不是」的例子, 所以也沒有例子,如果不是如此, 襲擊就會發生。 實際上這表明一種缺乏對 恐怖調查是怎麼工作的瞭解。 你看電視的時候想, 你看兇手揭祕。 你從何開始?從屍體開始, 接着他們一步步地從那破解犯罪。 我們實際上早在那之前就開始了, 希望早在有任何屍體之前, 並且我們在試著建立案例, 這些人是誰,他們想要做什麼, 這些包含大量信息。 把它想象成馬賽克, 很難說任何一塊馬賽克 是整個馬賽克必要的構成, 但為了構成一個整體畫面, 你需要所有信息碎片。 另一方面,在 54 起事件中 和跟美國威脅無關的事件裡, 另外 42 個, 棱鏡項目和這些有著巨大關聯, 事實上是幫助 阻止了這些襲擊的基礎。
CA: Snowden said two days ago that terrorism has always been what is called in the intelligence world "a cover for action," that it's something that, because it invokes such a powerful emotional response in people, it allows the initiation of these programs to achieve powers that an organization like yours couldn't otherwise have. Is there any internal debate about that?
克里斯:斯諾登兩天前說 恐怖主義一直 被情報世界稱為 「行為的掩飾」, 是一些, 因為調起如此強烈 的情緒在人民當中, 它允許這些項目一開始 獲得權力而你的組織 卻不能獲得的。 這一點有沒有內在的爭議?
RL: Yeah. I mean, we debate these things all the time, and there is discussion that goes on in the executive branch and within NSA itself and the intelligence community about what's right, what's proportionate, what's the correct thing to do. And it's important to note that the programs that we're talking about were all authorized by two different presidents, two different political parties, by Congress twice, and by federal judges 16 different times, and so this is not NSA running off and doing its own thing. This is a legitimate activity of the United States foreign government that was agreed to by all the branches of the United States government, and President Madison would have been proud.
理查德:有的。 我的意思是,我們一直在爭論這些事情, 現在一直在進行著的討論 在行政部門 和在美國安全部門內部 和在情報社區有關 什麼是對的,什麼是合適的, 什麼是正確的做法。 並且值得注意我們剛才 講過的那些項目 是被兩個不同的總統批准的, 兩個不同的政黨, 被國會兩次通過, 而且被州法官批准16次, 所以這不是國家安全局 自作主張。 這是一個合法的行為 在美國外交政府 並且被所有美國政府 機構同意, 而且麥迪遜總統也會為之驕傲的。
CA: And yet, when congressmen discovered what was actually being done with that authorization, many of them were completely shocked. Or do you think that is not a legitimate reaction, that it's only because it's now come out publicly, that they really knew exactly what you were doing with the powers they had granted you?
克里斯:然而,當國會議員發現 事實上這些行為是合法的, 他們當中絕大多數相當震驚。 還是你認為這不是一個合法的反應, 這只是因為現在它完全被曝光了, 他們事實上完全知道你用給予的權利 所做的一切?
RL: Congress is a big body. There's 535 of them, and they change out frequently, in the case of the House, every two years, and I think that the NSA provided all the relevant information to our oversight committees, and then the dissemination of that information by the oversight committees throughout Congress is something that they manage. I think I would say that Congress members had the opportunity to make themselves aware, and in fact a significant number of them, the ones who are assigned oversight responsibility, did have the ability to do that. And you've actually had the chairs of those committees say that in public. CA: Now, you mentioned the threat of cyberattacks, and I don't think anyone in this room would disagree that that is a huge concern, but do you accept that there's a tradeoff between offensive and defensive strategies, and that it's possible that the very measures taken to, "weaken encryption," and allow yourself to find the bad guys, might also open the door to forms of cyberattack?
理查德:國會是個大的整體。 有 535 人, 他們經常變化, 比如眾議院 ,每兩年, 我認為美國安全部提供 所有相關信息給我們的監督委員會, 然後這些信息的傳播 由監督委員會通過議會 是他們管理的。 我認為我可以說議會成員 有機會讓他們自己意識到, 然而事實上他們中的一部分人, 那些有監督責任的人, 事實上是有能力那麼做的。 而且你確實讓這些委員的主席發表公眾言論。 克里斯:那麼,你提到了網路攻擊, 我不認為房間裡的人會不同意, 這是一個很大的問題, 但是你是否接受這有一個權衡 有關進攻和防守策略, 並且有可能這種衡量造成 「減弱加密」, 並且允許你自己找到那些壞人, 同樣也打開了網絡攻擊的大門?
RL: So I think two things. One is, you said weaken encryption. I didn't. And the other one is that the NSA has both of those missions, and we are heavily biased towards defense, and, actually, the vulnerabilities that we find in the overwhelming majority of cases, we disclose to the people who are responsible for manufacturing or developing those products. We have a great track record of that, and we're actually working on a proposal right now to be transparent and to publish transparency reports in the same way that the Internet companies are being allowed to publish transparency reports for them. We want to be more transparent about that. So again, we eat our own dog food. We use the standards, we use the products that we recommend, and so it's in our interest to keep our communications protected in the same way that other people's need to be.
理查德·:所以我認為兩件事。 第一,你說減弱加密。我沒有。 另外一件事就是 美國安全局擁有這兩種使命, 而且我們強烈偏向於防禦, 而且,事實上,我們在大多數壓倒性的例子中 發現了漏洞, 我們紕漏那些負責人 因爲他們製造或者發展了這些產品。 我們有很多大量的記錄, 事實上我們現在正在擬定一個提案 變得更透明而且公開透明發表報告 以一種和網絡公司被允許 發表他們的報告相同的方式。 我們想要變得更透明。 所以又一次的,我們用自己的產品。 我們用條例,我們用那些 我們建議的產品, 所以這是我們的利益 去保護我們的交流 以一種人們需要的方式。
CA: Edward Snowden, when, after his talk, was wandering the halls here in the bot, and I heard him say to a couple of people, they asked him about what he thought of the NSA overall, and he was very complimentary about the people who work with you, said that it's a really impassioned group of employees who are seeking to do the right thing, and that the problems have come from just some badly conceived policies. He came over certainly very reasonably and calmly. He didn't come over like a crazy man. Would you accept that at least, even if you disagree with how he did it, that he has opened a debate that matters?
克里斯:愛德華·斯諾登, 當他結束了他的演講,在大廳裏 遊蕩時, 我聽到他和幾個人交談, 他們問他對 美國安全局的整體評價, 他非常喜歡和你 一起工作的人, 說那是一羣 非常積極的員工 他們努力在做正確的事情, 那些問題只是源自 一些構思不佳的政策。 他看起來是相當的平靜和有條理。 他看起來不像是一個瘋子。 你至少能接受這一點, 即使你不接受他的做法, 他打開了一個關鍵的辯論?
RL: So I think that the discussion is an important one to have. I do not like the way that he did it. I think there were a number of other ways that he could have done that that would have not endangered our people and the people of other nations through losing visibility into what our adversaries are doing. But I do think it's an important conversation.
理查德:所以我認爲討論 是有必要的。 我不喜歡他做的方式。 我認爲有很多其他的方法 他可以選擇 其他不威脅我們人民安全 和其他人民的安全的方式 威脅可以來自與無法掌握 我們的對手正在做什麼。 我認爲這是一個重要的談話。
CA: It's been reported that there's almost a difference of opinion with you and your colleagues over any scenario in which he might be offered an amnesty deal. I think your boss, General Keith Alexander, has said that that would be a terrible example for others; you can't negotiate with someone who's broken the law in that way. But you've been quoted as saying that, if Snowden could prove that he was surrendering all undisclosed documents, that a deal maybe should be considered. Do you still think that?
克里斯:有報告說 你和你的同事 有不同的觀點 對於任何他 被大赦了的情況。 我認爲你的上司,大將 Keith Alexander 曾經說過對於其他人來說, 那將是一個非常槽糕的例子。 你不能和其他人談判 如果他們像那樣違反了法律。 但是你一直引述說, 如果斯諾登可以鄧明他屈服 於未公開的文件, 那個交易也應該被考慮進來。 你還是這麼認爲的嗎?
RL: Yeah, so actually, this is my favorite thing about that "60 Minutes" interview was all the misquotes that came from that. What I actually said, in response to a question about, would you entertain any discussions of mitigating action against Snowden, I said, yeah, it's worth a conversation. This is something that the attorney general of the United States and the president also actually have both talked about this, and I defer to the attorney general, because this is his lane. But there is a strong tradition in American jurisprudence of having discussions with people who have been charged with crimes in order to, if it benefits the government, to get something out of that, that there's always room for that kind of discussion. So I'm not presupposing any outcome, but there is always room for discussion.
理查德:是的,確實如此, 這是我最喜歡《60分鐘》訪談的地方 來自所有錯誤的引用。 我實際上說的是, 在回答記者提問關於, 你會招待對減輕 斯諾登行爲的任何討論, 我說,是的,這是值得討論的。 這也是一般美國律師 和總統 事實上都談過, 而且我服從大多數的律師, 因爲這是他的軌道。 但是有一個堅固的傳統 在美國法理學上 為了從中得到什麼 對政府有利的信息 鼓勵與被指控犯罪的人們 進行討論。 這裏總是有可以討論的空間。 所以我不提前支持什麼結果, 但是一直是有討論空間的。
CA: To a lay person it seems like he has certain things to offer the U.S., the government, you, others, in terms of putting things right and helping figure out a smarter policy, a smarter way forward for the future. Do you see, has that kind of possibility been entertained at all? RL: So that's out of my lane. That's not an NSA thing. That would be a Department of Justice sort of discussion. I'll defer to them.
克里斯:以一個外行人看 他給美國帶來了點東西, 也給政府、你還有其他人帶來了點東西, 他做對了事情 幫助想出更好的政策, 想出了面對未來更好的方式。 你看,這些可能性 已經被接受了嗎? 理查德:這不是我的範圍。 也不是美國安全局的事。 這是律政司 要討論的。 我會推給他們。
CA: Rick, when Ed Snowden ended his talk, I offered him the chance to share an idea worth spreading. What would be your idea worth spreading for this group?
克里斯: 理查,當斯諾登結束了他的講話, 我給了他一個分享想法的機會。 你認爲什麼想法是值得分享的 對這些人?
RL: So I think, learn the facts. This is a really important conversation, and it impacts, it's not just NSA, it's not just the government, it's you, it's the Internet companies. The issue of privacy and personal data is much bigger than just the government, and so learn the facts. Don't rely on headlines, don't rely on sound bites, don't rely on one-sided conversations. So that's the idea, I think, worth spreading. We have a sign, a badge tab, we wear badges at work with lanyards, and if I could make a plug, my badge lanyard at work says, "Dallas Cowboys." Go Dallas. I've just alienated half the audience, I know. So the lanyard that our people who work in the organization that does our crypto-analytic work have a tab that says, "Look at the data." So that's the idea worth spreading. Look at the data.
理查德:我認爲,瞭解事實。 這是一個非常重要的談話, 它有影響力,不光是美國安全局, 不光是政府, 是你,是這些網路公司。 隱私和個人信息的問題 遠比政府大得多, 所以要學會瞭解事實。 不要依靠頭條新聞, 不要依靠丁點的聲音, 不要依靠片面的談話。 就是這個思想,我認爲,值得傳播。 我們有一個標誌,一個徽章標籤, 我們帶着徽章掛鏈上班, 如果我可以做一個插件, 我工作時的徽章掛鏈會寫着,《達拉斯牛仔》。 達拉斯加油。 我剛剛疏遠了一半的觀衆,我知道。 所以做著加密解析工作的 在這個組織里工作的我們的人 都有個掛鏈, 上面有個標籤寫着「看看這數據。」 這就是值得傳播的想法。 看看數據。
CA: Rick, it took a certain amount of courage, I think, actually, to come and speak openly to this group. It's not something the NSA has done a lot of in the past, and plus the technology has been challenging. We truly appreciate you doing that and sharing in this very important conversation. Thank you so much.
克里斯:理查,這需要相當的勇氣, 我認爲,實際上,來和這些觀衆 暢所欲言。 這不是美國安全局曾經做過很多的, 而且加上科技也更加具有挑戰性。 我們很感激 你能和我們分享這次重要的談話。 非常感謝你。
RL: Thanks, Chris.
理查德:謝謝克里斯。
(Applause)
(鼓掌)