Those reforms included overhauling the way Washington conducts background checks on people given access to classified information, a new task force to create and enforce security rules for agencies that handle sensitive data, and cutbacks in the number of employees allowed access to top secret material. Booz Allen Hamilton, the consulting firm that employed Snowden and the recipient of billions of dollars in contracts with the U.S. intelligence community, last year teamed up with Raytheon to create a service that records an employee’s activity on his or her computer screen.
Two weeks ago, though, the government announced the arrest of another NSA contractor and former Booz Allen employee: Harold Thomas Martin III allegedly took home reams of top secret data over the course of many years. And Martin’s arrest sends a clear message — those NSA reforms weren’t enough.
Should we construe this episode as Snowden 2.0? Not exactly. We’ve been bird-dogging the case, hoping for answers to the questions it raises. But much remains opaque. What we do know may say more about the agency than about Martin.
Martin, 51, a Navy veteran from Glen Burnie, Md., has been charged with unauthorized removal and retention of classified materials, and theft of government property. The latter charge is the more serious, and could mean up to 10 years in prison if he’s convicted. Federal prosecutors say Martin took home documents and digital data “critical to a wide variety of national security issues.”
But investigators aren’t convinced Martin had leaked anything to anyone. He may simply have been stockpiling or even working with the data, though if that’s the case, the feds still want to know why. If Martin’s a hoarder rather than a leaker, that would distinguish him from Snowden, seen by some Americans as a traitor and by others as a whistleblower. What’s indisputable is that Snowden shed light on the massive amount of surveillance carried out by the federal government.
Nevertheless, there’s plenty that the NSA needs to worry about. While investigators say Martin’s removal of data from the NSA dates to the 1990s, long before Snowden’s activities came to light in 2013, some of the material Martin took dates to 2014, after the NSA instituted post-Snowden reforms to safeguard sensitive data. Thus Martin’s case casts doubt on the effectiveness of those reforms.
The government says Martin is suspected of taking classified computer code the U.S. has developed to hack into a foreign government’s computer networks, The New York Times reported. Investigators also want to know if he was connected in any way to the leak of those techniques, which appeared online in August. With that information, Moscow or Beijing could thwart cyberoffensive moves made by the U.S., and even retool the techniques for their own use. Even if Martin didn’t leak the code, someone else certainly did — and that’s just as worrisome for an NSA that was supposed to have learned its lesson from the Snowden episode.
Martin’s arrest also renews questions about giving so much intelligence work to private contractors — specifically to Booz Allen. The McLean, Va., company has failed to show it can ensure its employees don’t pose security risks to the agencies that hire them. The U.S. is not in a position to abandon its reliance on contractors for intel work — the volume of work involved necessitates outside help. But the government should demand that Booz Allen scrutinize its employees more closely.
People who know Martin have been quoted as saying he loves his country, and isn’t the type to sell or leak secrets. As his case wends its way through the courts, we’ll find out if that’s true. Nevertheless, his arrest shows that the NSA is far from firewalled against inside threats.
At a time when Russia has dramatically stepped up its hacking activities and other countries and groups pose similar cyberthreats, this country needs to feel confident that its own cybercapabilities and top secret data remain exactly that — top secret.
©2016 Chicago Tribune. Distributed by Tribune Content Agency, LLC.
