DHS and CIA digital purge: Plans to delete emails and network surveillance records

Since when do people object to the government deleting a stockpile of electronic records? Since the digital purge could possibly get rid of evidence that Einstein’s network surveillance doesn’t work like it should. What better way to get rid of damning evidence than to delete the proof? At least, that’s the way some people are looking at the destruction of Einstein records and the potential nuking of years of DHS and CIA emails.

Homeland Security to nuke Einstein data

The Department of Homeland Security claims there is “no research significance” in the Einstein network monitoring system data. According to NextGov, DHS wants to delete Einstein data that is at least three years old and contains files about “traffic to government websites, agency network intrusion and general vulnerabilities.” DHS said “there is ‘quickly diminishing value for most of the data collected pursuant to intrusion detection, prevention and analysis.’ A three-year retention period for reference purposes is sufficient, and ‘the records have no value beyond that point’ but can be kept longer, if needed.”  

An example of data proposed for DHS to delete includes, “Master files and outputs of an electronic information system which performs information technology infrastructure intrusion detection, analysis, and prevention.” That also means metadata traffic from packet captures, such as email and IP addresses, as well as emails from people who warned DHS about some potential cyber threat. Categories to be purged come under the headings of core infrastructure, intrusion detection, intrusion prevention, analysis and information sharing. “Catastrophic cyber events must be kept permanently.”

Security professionals like Johannes Ullrich, dean of research at the SANS Technology Institute, would prefer to see the data released to the public. “The Einstein data would likely be a goldmine for researchers, as it documents attacks against very specific networks in a consistent way over a large extent of time.” He added that the “records might show, for instance, attackers trying to guess host names, such as ‘admin.healthcare.gov,’ that would give them total control over the Obamacare website.”

In the past, some privacy advocates “decried Einstein’s content-revealing inspection of Internet traffic.” Politico pointed out that the system “scans traffic headed to or from federal networks, searching for Internet addresses or pieces of code – called signatures – known to be signs of malware at work. The latest version of Einstein doesn’t just alert system administrators; it actually intercepts the packet with the malicious data and stops it.”

In 2013, the NSA moved ahead with Einstein 3 in order to monitor “government computer traffic on private sector sites.” The intrusion detection and prevention system is supposed to detect malicious traffic and proactively “shoot down an attack before it hits its target.” Politico reported, “The third stage of the $3 billion Homeland Security cybersecurity Einstein program, known as E3A, is stalled due to a “dispute about who will be legally liable if the system goes wrong.”  Both CenturyLink and Verizon provide Internet service to the government and have “signed a contract to operate Einstein. But AT&T won’t sign until it gets a formal guarantee of liability protection.”

Others believe Einstein is a liability to privacy. Back in 2009, even Homeland Security Director of the Government Accountability Project Jesselyn Radack said it posed “too big a threat to Americans’ privacy.” Radack added:

Despite its name, the Einstein 3 program is more genie than genius — an omnipotent force (run by the NSA via AT&T’s “secret rooms”) that does the government’s bidding — spying. The last time around, this sort of scheme was known as the “special access” program — “special” being code for “unconstitutional.” 

A lot of Einstein’s “data likely concerns user activity,” Ginger McCall, director of the Open Government Program at EPIC, told NextGov. “We would typically not want agencies to retain that data.”

“As a general matter, getting rid of data about people’s activities is a pro-privacy, pro-security step; but if the data relates to something they’re trying to hide, that’s bad,” said EFF senior staff attorney Lee Tien. “You’re setting up this data collection system that tracks people when they are using government websites,” he added. By throwing out three-year-old records, “would you be getting rid of the very data that would allow [the Government Accountability Office] to say, ‘Yes it works fine,’ or, ‘No it didn’t work, but got better?’”

CIA and DHS want to obliterate most of their of emails

The National Archives and Records Administration (NARA) proposed preserving some files but destroying government records that lack “administrative, legal, research, or other value.” It applies to portions of the Department of Defense and Department of Justice, and is agency-wide across the CIA and DHS, including TSA.

The Obama administration directed government agencies to come up with better systems to manage “both permanent and temporary email records in an accessible electronic format” by December 31, 2016. That new records management approach was dubbed Capstone. NARA also published a new approach to managing email records, in which most agencies will delete emails older than seven years. But the CIA wants to delete every employee’s email within three years of them leaving the agency. The top 22 CIA officials’ emails would become permanent documents. Homeland Security has a similar plan.

Hold up, not so fast, red alert. Steven Aftergood, of the Federation of American Scientists’ Project on Government Secrecy, believes it is a mistake for NARA to give the CIA thumbs up to destroy email records. He gave NPR an example of the “CIA’s secret destruction nine years ago of videotapes recording the waterboarding of suspected terrorists. ‘They didn’t ask permission,’ he says. ‘They just went ahead and eliminated these records. They will never be retrieved, they will never be reconstructed’.”

In a letter (pdf) to NARA, Senators Diane Feinstein and Saxby Chambliss said “email messages are essential to finding CIA records that may not exist in other so-called permanent records at the CIA.” They questioned the actual storage cost savings to justify the CIA’s new email destruction policy. They asked NARA to reconsider “its tentative approval of the CIA’s proposal, which could allow the destruction of crucial documentary evidence regarding the CIA’s activities that is essential for Congress, the public, and the courts to know.”

“I’m concerned that destroying this data might destroy data that’s material to policy questions about government action,” the EFF’s Tien told Gizmodo. “There is a certain irony in questioning the government’s reasons here, because privacy advocates normally cheer this kind of move. It’s kind of sad. I want to applaud the government for choosing to discard unnecessary data about people. But we have good reason to question the government’s reasons because of what we’ve learned about what we’ve NOT been told.”

If the destruction of electronic records comes down to cloud storage costs of about $50 per terabyte per month, then perhaps the feds should consider hitting pre-Black Friday sales? They could stock up at Newegg on 4TB hard drives for $130.00. Or maybe not because it’s unknown how much electronic data the government has; it probably stretches beyond petabytes to exabytes – “5 exabytes is equal to all words ever spoken by human beings.”

NARA is taking public comment upon the purge program until December 19. For now, happy Thanksgiving! May the force be with you if you brave the brick and mortar stores for Black Friday sales.